deps(deps): bump the pre-commit-hooks group across 1 directory with 10 updates

[dependabot]

Bumps the pre-commit-hooks group with 10 updates in the / directory:

Package	From	To
https://github.com/trufflesecurity/trufflehog	v3.95.3	3.95.6
https://github.com/pre-commit/mirrors-clang-format	v21.1.7	22.1.5
https://github.com/astral-sh/ruff-pre-commit	v0.15.14	0.15.18
https://github.com/RobertCraigie/pyright-python	v1.1.409	1.1.410
https://github.com/astral-sh/uv-pre-commit	0.11.15	0.11.23
https://github.com/python-jsonschema/check-jsonschema	0.37.2	0.37.3
https://github.com/renovatebot/pre-commit-hooks	43.150.0	43.234.1
https://github.com/igorshubovych/markdownlint-cli	v0.48.0	0.49.0
https://github.com/errata-ai/vale	v3.14.2	3.15.1
https://github.com/crate-ci/typos	v1.46.2	1.47.2

Updates https://github.com/trufflesecurity/trufflehog from v3.95.3 to 3.95.6

Release notes

Sourced from https://github.com/trufflesecurity/trufflehog's releases.

v3.95.6

What's Changed

• Enigma detector enhance verification to prevent false verified findings by @​shahzadhaider1 in trufflesecurity/trufflehog#5011
• fix: scan files with lines exceeding bufio's default 64 KB token limit by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5022
• fix(postgres): honor ignore tags for default port URLs by @​Dawn-Fighter in trufflesecurity/trufflehog#4968
• Move to github.com/moby/moby/client from docker/docker by @​trufflesteeeve in trufflesecurity/trufflehog#4987
• fix: avoid terminal probes before CLI output by @​Hackerchen716 in trufflesecurity/trufflehog#4994
• Update test containers dependency by @​trufflesteeeve in trufflesecurity/trufflehog#4978
• Re-host pkg/handlers JSON test fixtures under the org by @​amanfcp in trufflesecurity/trufflehog#5023
• [INS-465] Add datadogapikey detector to defaults.go by @​mustansir14 in trufflesecurity/trufflehog#4969
• [INS-470] Add Tly detector to defaults.go, gate it behind feat flag and update its verification logic by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5006
• [INS-473] Add wit detector to defaults.go, gate it behind feat flag and update verification logic by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5008
• Updating Klaviyo PK new format by @​breetan in trufflesecurity/trufflehog#5009
• Restructure Klaviyo detector pattern tests by @​martinlocklear in trufflesecurity/trufflehog#5026
• Replace Renovate config with shared preset (high-risk tier) by @​bryanbeverly in trufflesecurity/trufflehog#4992
• set redacted value to last 4 characters of secret, to match how the secret type admin interface displays it by @​jordanTunstill in trufflesecurity/trufflehog#5027
• GitHub finegrained analyzer was improperly handling errors by @​dustin-decker in trufflesecurity/trufflehog#4498
• [INS-469] Added Rev detectors to defaults.go and gated it behind feature flag by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5005
• Fix Renovate lookup: update setup-captain version comment by @​bryanbeverly in trufflesecurity/trufflehog#4999
• [INS-472] [INS-515] Add user detector to defaults.go, gate it behind feat flag, update verification logic and add custom ep configuration by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5007
• Fix: Resolve known dedup issues in notifierWorker by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#5028
• fix(dropbox): prevent long sl.u. tokens from being truncated by @​lukem-ts in trufflesecurity/trufflehog#5012
• fix: add filetype=sdist param to pypi detector by @​lukem-ts in trufflesecurity/trufflehog#4988
• Handlers - Embed small HTTP test fixtures by @​amanfcp in trufflesecurity/trufflehog#5001
• S3: surface bucket listing failures and fix multi-role object count by @​shahzadhaider1 in trufflesecurity/trufflehog#5035

New Contributors

• @​Dawn-Fighter made their first contribution in trufflesecurity/trufflehog#4968
• @​Hackerchen716 made their first contribution in trufflesecurity/trufflehog#4994
• @​breetan made their first contribution in trufflesecurity/trufflehog#5009
• @​lukem-ts made their first contribution in trufflesecurity/trufflehog#5012

Full Changelog: trufflesecurity/trufflehog@v3.95.4...v3.95.6

v3.95.5

What's Changed

• [INS-461] Add test to ensure new detectors are registered in defaults.go by @​mustansir14 in trufflesecurity/trufflehog#4915
• [INS-455] Unify common logic in Atlassian Data Center detectors by @​mustansir14 in trufflesecurity/trufflehog#4907
• fix(github): cache repo info under original URL on redirect by @​kashifkhan0771 in trufflesecurity/trufflehog#4958
• Added GitLab OAuth Detector by @​shahzadhaider1 in trufflesecurity/trufflehog#4729
• Box Detector: Extract Subject ID for Analyzer Integration by @​shahzadhaider1 in trufflesecurity/trufflehog#4761
• [INS-346] SpectralOps Personal API Key Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4770
• [INS-335] Added AWS Appsync Detector by @​MuneebUllahKhan222 in trufflesecurity/trufflehog#4803
• fix(twilio): deduplicate matches to prevent O(N×M) result explosion by @​kashifkhan0771 in trufflesecurity/trufflehog#4954
• Automate corpora testing in CI by @​mustansir14 in trufflesecurity/trufflehog#4927
• Enable errcheck and staticcheck for golangci-lint v2 and resolve all issues by @​amanfcp in trufflesecurity/trufflehog#4924
• feat: add host, db and username to ExtraData for database detectors by @​mariocj89 in trufflesecurity/trufflehog#4849
• Remove over speculation from Corpora CI workflow by @​mustansir14 in trufflesecurity/trufflehog#4974
• Fix line numbers for duplicate secrets within a chunk by @​amanfcp in trufflesecurity/trufflehog#4910
• Add feature flags for Pinecone, Cloudinary, and GitLab OAuth detectors by @​camgunz in trufflesecurity/trufflehog#4961

... (truncated)

Commits

• 30d5bb9 S3: surface bucket listing failures and fix multi-role object count (#5035)
• f0739f1 close todo - embed small HTTP test fixtures (#5001)
• 36d680a add filetype=sdist param so we get the correct response code (#4988)
• 248ffd5 fix(dropbox): prevent long sl.u. tokens from being truncated before verificat...
• afbdaa8 Fix: Resolve known dedup issues in notifierWorker (#5028)
• 7bcf376 [INS-472] [INS-515] Add user detector to defaults.go, gate it behind feat fla...
• 84a2b33 Fix Renovate lookup: update setup-captain version comment (#4999)
• ac0805e [INS-469] Added Rev detectors to defaults.go and gated it behind feature flag...
• d03d087 GitHub finegrain analyzer was improperly handling errors (#4498)
• b64cefe set redacted value to last 4 characters of secret, to match how the secret ty...
• Additional commits viewable in compare view

Updates https://github.com/pre-commit/mirrors-clang-format from v21.1.7 to 22.1.5

Commits

• dd18dad Mirror: 22.1.5
• 3923370 Mirror: 22.1.4
• d730ad6 Mirror: 22.1.3
• 07a0f76 Mirror: 22.1.2
• 88c364b Mirror: 22.1.1
• cd481d7 Mirror: 22.1.0
• 75ca4ad Mirror: 21.1.8
• See full diff in compare view

Updates https://github.com/astral-sh/ruff-pre-commit from v0.15.14 to 0.15.18

Release notes

Sourced from https://github.com/astral-sh/ruff-pre-commit's releases.

v0.15.18

See: https://github.com/astral-sh/ruff/releases/tag/0.15.18

v0.15.17

See: https://github.com/astral-sh/ruff/releases/tag/0.15.17

v0.15.16

See: https://github.com/astral-sh/ruff/releases/tag/0.15.16

v0.15.15

See: https://github.com/astral-sh/ruff/releases/tag/0.15.15

Commits

• 77039cc Mirror: 0.15.18
• 3b3f7c3 Mirror: 0.15.17
• 99e6029 Various hardenings (#170)
• f69224b Bump the github-actions group with 2 updates (#169)
• 22f0422 Mirror: 0.15.16
• 0671d8a Mirror: 0.15.15
• See full diff in compare view

Updates https://github.com/RobertCraigie/pyright-python from v1.1.409 to 1.1.410

Commits

• 509391a Pyright NPM Package update to 1.1.410 (#361)
• See full diff in compare view

Updates https://github.com/astral-sh/uv-pre-commit from 0.11.15 to 0.11.23

Release notes

Sourced from https://github.com/astral-sh/uv-pre-commit's releases.

0.11.23

See: https://github.com/astral-sh/uv/releases/tag/0.11.23

0.11.22

See: https://github.com/astral-sh/uv/releases/tag/0.11.22

0.11.21

See: https://github.com/astral-sh/uv/releases/tag/0.11.21

0.11.20

See: https://github.com/astral-sh/uv/releases/tag/0.11.20

0.11.19

See: https://github.com/astral-sh/uv/releases/tag/0.11.19

0.11.18

See: https://github.com/astral-sh/uv/releases/tag/0.11.18

0.11.17

See: https://github.com/astral-sh/uv/releases/tag/0.11.17

0.11.16

See: https://github.com/astral-sh/uv/releases/tag/0.11.16

Commits

• b17b79c Mirror: 0.11.23
• 6745231 Mirror: 0.11.22
• fe06329 Mirror: 0.11.21
• 8cef97b Mirror: 0.11.20
• f827c74 various hardenings (#68)
• c665864 Mirror: 0.11.19
• 3e75184 Mirror: 0.11.18
• 254dd00 Mirror: 0.11.17
• f19149a Mirror: 0.11.16
• See full diff in compare view

Updates https://github.com/python-jsonschema/check-jsonschema from 0.37.2 to 0.37.3

Release notes

Sourced from https://github.com/python-jsonschema/check-jsonschema's releases.

0.37.3

• Update vendored schemas: bitbucket-pipelines, circle-ci, dependabot, github-workflows, gitlab-ci, mergify, readthedocs, renovate, snapcraft, woodpecker-ci (2026-06-12)

Changelog

Sourced from https://github.com/python-jsonschema/check-jsonschema's changelog.

0.37.3

• Update vendored schemas: bitbucket-pipelines, circle-ci, dependabot, github-workflows, gitlab-ci, mergify, readthedocs, renovate, snapcraft, woodpecker-ci (2026-06-12)

Commits

• 5030dca Bump version for release
• e49ebfe Merge pull request #687 from python-jsonschema/dependabot/pip/responses-0.26.1
• b3ae064 Bump responses from 0.26.0 to 0.26.1
• 48ba608 Fix stale test data
• ed0cecf Update vendored schemas
• b1f7546 Merge pull request #686 from python-jsonschema/vendor-schemas-auto
• d99034f [vendor-schemas] automated update
• 566da04 Merge pull request #684 from python-jsonschema/vendor-schemas-auto
• dca8424 Merge pull request #685 from python-jsonschema/pre-commit-ci-update-config
• 520b76e [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Updates https://github.com/renovatebot/pre-commit-hooks from 43.150.0 to 43.234.1

Release notes

Sourced from https://github.com/renovatebot/pre-commit-hooks's releases.

43.234.1

See https://github.com/renovatebot/renovate/releases/tag/43.234.1 for more changes

43.234.0

See https://github.com/renovatebot/renovate/releases/tag/43.234.0 for more changes

43.233.4

See https://github.com/renovatebot/renovate/releases/tag/43.233.4 for more changes

43.227.0

See https://github.com/renovatebot/renovate/releases/tag/43.227.0 for more changes

43.226.2

See https://github.com/renovatebot/renovate/releases/tag/43.226.2 for more changes

43.226.1

See https://github.com/renovatebot/renovate/releases/tag/43.226.1 for more changes

43.226.0

See https://github.com/renovatebot/renovate/releases/tag/43.226.0 for more changes

43.225.0

See https://github.com/renovatebot/renovate/releases/tag/43.225.0 for more changes

43.224.0

See https://github.com/renovatebot/renovate/releases/tag/43.224.0 for more changes

43.223.0

See https://github.com/renovatebot/renovate/releases/tag/43.223.0 for more changes

43.222.1

See https://github.com/renovatebot/renovate/releases/tag/43.222.1 for more changes

43.222.0

See https://github.com/renovatebot/renovate/releases/tag/43.222.0 for more changes

43.221.0

See https://github.com/renovatebot/renovate/releases/tag/43.221.0 for more changes

43.220.0

See https://github.com/renovatebot/renovate/releases/tag/43.220.0 for more changes

43.218.0

See https://github.com/renovatebot/renovate/releases/tag/43.218.0 for more changes

43.217.1

See https://github.com/renovatebot/renovate/releases/tag/43.217.1 for more changes

43.217.0

See https://github.com/renovatebot/renovate/releases/tag/43.217.0 for more changes

... (truncated)

Commits

• afe69b8 chore(deps): update dependency renovate to v43.234.1 (#4413)
• 75445da chore(deps): update dependency renovate to v43.234.0 (#4412)
• 68f213b chore(deps): update dependency renovate to v43.233.4 (#4411)
• fdcc0db chore(deps): update dependency renovate to v43.227.0 (#4410)
• a9cfe20 chore(deps): update dependency renovate to v43.226.2 (#4409)
• 8990e9b chore(deps): update dependency renovate to v43.226.1 (#4408)
• 552b048 chore(deps): update dependency renovate to v43.226.0 (#4407)
• cd4e146 chore(deps): update dependency renovate to v43.225.0 (#4406)
• d3b1f0f chore(deps): update dependency renovate to v43.224.0 (#4405)
• 633c738 chore(deps): update dependency renovate to v43.223.0 (#4404)
• Additional commits viewable in compare view

Updates https://github.com/igorshubovych/markdownlint-cli from v0.48.0 to 0.49.0

Release notes

Sourced from https://github.com/igorshubovych/markdownlint-cli's releases.

v0.49.0

• Update markdownlint dependency to 0.41.0
  • Improve MD022/MD028/MD035/MD042/MD051/MD060
  • Remove handling of inline directive syntax (frequent false positives)
  • Remove support for end-of-life Node version 20
• Update all dependencies via Dependabot

Commits

• a4d5d37 Bump version 0.49.0
• 503f264 Delete and recreate package-lock.json via "npm install".
• 7a24593 Bump markdownlint from 0.40.0 to 0.41.0
• c7c1c76 Bump commander from 14.0.3 to 15.0.0
• 83f5f30 Bump tinyglobby from 0.2.16 to 0.2.17
• 74b98de Bump js-yaml from 4.1.1 to 4.2.0
• d368135 Bump markdown-it from 14.1.1 to 14.2.0
• dd34288 Bump ava from 8.0.0 to 8.0.1
• 1e363dc Bump brace-expansion from 5.0.5 to 5.0.6
• 2f092d2 Bump ava from 7.0.0 to 8.0.0
• Additional commits viewable in compare view

Updates https://github.com/errata-ai/vale from v3.14.2 to 3.15.1

Release notes

Sourced from https://github.com/errata-ai/vale's releases.

v3.15.1

See v3.15.0 for full notes.

Changelog

• 8c4ed0df chore: support immutable releases

v3.15.0

Vocabularies now support multi-word entries — phrases that are valid as a unit but whose individual words shouldn't be accepted on their own.

Previously, an accept.txt entry like mea culpa couldn't work: spell-checking splits text into single words, so mea and culpa were each checked (and flagged) separately. Your only option was accepting each word individually — which also silently allowed them everywhere else.

Now you can add the phrase directly:

mea culpa

• mea culpa is accepted as a phrase
• a stray mea or culpa on its own is still flagged

Changelog

• 948bd96d feat: support presence checks in conditional rules
• 4d281c32 fix: render occurrence count as a number
• 3b43f732 fix: preserve relative indentation in code-comment markup (#1028)
• 32cd425f fix: don't pad dashes adjacent to inline markup (#1029)
• fa67a3e1 feat: accept multi-word phrases in the vocabulary (#1035)
• 072ac4fd fix: don't treat substitution replacements as regexes (#1038)
• d3721630 fix: don't pad inline content adjacent to brackets (#1056)
• 2680b538 fix: don't apply word Vocab to nonword existence rules (#1058)
• 8558c4fe fix: handle Danish-style hunspell dictionaries (#1065)
• 0da27dd0 fix: ignore generated TOC and section numbers in AsciiDoc (#1101)
• a686caee fix: don't require a python executable to lint reStructuredText (#1102)
• 813e6c83 fix: prevent crash when masking read-only context (#1099)
• c1533d19 fix: create configured StylesPath during sync (#1105) (#1106)

Commits

• 8c4ed0d chore: support immutable releases
• 948bd96 feat: support presence checks in conditional rules
• 4d281c3 fix: render occurrence count as a number
• 3b43f73 fix: preserve relative indentation in code-comment markup (#1028)
• 32cd425 fix: don't pad dashes adjacent to inline markup (#1029)
• fa67a3e feat: accept multi-word phrases in the vocabulary (#1035)
• 2ff92e0 chore: fix Windows' path for CI
• 072ac4f fix: don't treat substitution replacements as regexes (#1038)
• bf175c0 chore: drop cucumber on WIndows
• 3a59a17 chore: consolidate CI
• Additional commits viewable in compare view

Updates https://github.com/crate-ci/typos from v1.46.2 to 1.47.2

Release notes

Sourced from https://github.com/crate-ci/typos's releases.

v1.47.2

[1.47.2] - 2026-06-04

Fixes

• Don't correct inferrable
• Correct unused inferible variant

v1.47.1

[1.47.1] - 2026-06-03

Fixes

• Don't correct requestors

v1.47.0

[1.47.0] - 2026-05-29

Features

• Updated the dictionary with the May 2026 changes

v1.46.3

[1.46.3] - 2026-05-23

Fixes

• Don't correct to sequentials
• Don't correct to subdolder

Changelog

Sourced from https://github.com/crate-ci/typos's changelog.

[1.47.2] - 2026-06-04

Fixes

• Don't correct inferrable
• Correct unused inferible variant

[1.47.1] - 2026-06-03

Fixes

• Don't correct requestors

[1.47.0] - 2026-05-29

Features

• Updated the dictionary with the May 2026 changes

[1.46.3] - 2026-05-23

Fixes

• Don't correct to sequentials
• Don't correct to subdolder

Commits

• 37bb988 chore: Release
• cf0d280 docs: Update changelog
• 365762c Merge pull request #1569 from epage/infer
• ee20d2a fix(dict): Allow inferrable, disallow inferible
• 44e2070 chore: Release
• e10d108 docs: Update changelog
• 06f8734 Merge pull request #1566 from epage/fix
• a12d104 fix(dict): Don't correct requestors
• 823a0a4 chore(deps): Update compatible (#1564)
• f8a58b6 chore: Release
• Additional commits viewable in compare view