chore(actions): bump gitleaks/gitleaks-action from 2.3.9 to 3.0.0

[dependabot]

Bumps gitleaks/gitleaks-action from 2.3.9 to 3.0.0.

Release notes

Sourced from gitleaks/gitleaks-action's releases.

v3.0.0

What's changed

gitleaks-action v3 migrates the runtime from Node 20 to Node 24. No changes to inputs, outputs, or behavior. Update your workflow from gitleaks/gitleaks-action@v2 to gitleaks/gitleaks-action@v3.

Migration

# Before
- uses: gitleaks/gitleaks-action@v2
After

uses: gitleaks/gitleaks-action@v3

Why

GitHub is deprecating the Node 20 runtime for Actions:

• June 2, 2026: GitHub flips the runner default to Node 24. Workflows using gitleaks-action@v2 (Node 20) will still run, but only if ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true is set as an environment variable.
• September 16, 2026: Node 20 is removed from GitHub-hosted runners entirely. gitleaks-action@v2 stops working regardless of any opt-out flag.

Changes

• action.yml: runtime node20 → node24
• @actions/core: 1.10.0 → 1.11.1
• dist/ rebuilt
• Example workflows updated to actions/checkout@v6 and gitleaks-action@v3
• README updated with v3 migration guide

Self-hosted runners

If you use self-hosted runners, ensure your runner version is >= v2.327.1 (required for Node 24 support).

Commits

• e0c47f4 chore: migrate to Node 24 runtime (v3)
• bf2dc8e Merge pull request #191 from Olexandr88/patch-1
• b71323b Update README.md
• 9c66aa9 Update README.md
• 186c3fe Create FUNDING.yml
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Update gitleaks/gitleaks-action to v3.0.0 in the security workflow to migrate to the Node 24 runtime. Behavior stays the same and keeps the action compatible with upcoming runner changes.

• Dependencies
  • Bumped gitleaks/gitleaks-action from 2.3.9 to 3.0.0 in .github/workflows/security.yml.

^{Written for commit 82545e7. Summary will update on new commits.}

[dependabot]

Labels

The following labels could not be found: ci/cd, contributor. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
sytcolabs	Ready	Preview, Comment	Jun 1, 2026 8:19pm

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud