This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.View this repository on the Mend.io Web Portal .
Repository Problems
These problems occurred while renovating this repository. View logs .
⚠️ WARN: Package lookup failures
Abandoned Dependencies
The following dependencies have not received updates for an extended period and may be unmaintained.
View abandoned dependencies (1)
[!NOTE]abandonmentThreshold
Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package ossf/scorecard-action), Could not determine new digest for update (github-tags package microsoft/security-devops-action), Could not determine new digest for update (github-tags package aquasecurity/trivy-action).
Files affected: .github/workflows/ossf.yml, .github/workflows/scans.yml
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
Vulnerabilities
Renovate has not found any CVEs on osv.dev .
Detected Dependencies
docker-compose (1)
compose.yaml
dockerfile (1)
Dockerfile (2)
ghcr.io/astral-sh/uv 0.11.6@sha256:b1e699368d24c57cda93c338a57a8c5a119009ba809305cc8e86986d4a006754 → [Updates: 0.11.7]public.ecr.aws/ubuntu/ubuntu 24.04@sha256:748740465d0aadaa69ab6e6c295892f17d7a8f44a85090dbb571ec0bb8c5674f
github-actions (5)
.github/workflows/automerge.yml (1)
dependabot/fetch-metadata v2@21025c705c08248db411dc16f3619e6b5f9ea21a → [Updates: v3]
.github/workflows/ci.yml (7)
actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dddocker/bake-action v7@a66e1c87e2eca0503c343edf1d208c716d54b8a8actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dddocker/setup-qemu-action v4.0.0@ce360397dd3f832beb865e1373c09c0e9f86d70adocker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedddocker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121docker/bake-action v7@a66e1c87e2eca0503c343edf1d208c716d54b8a8
.github/workflows/ossf.yml (3)
actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83ddossf/scorecard-action v2@4eaacf0543bb3f2c246792bd56e8cdeffafb205agithub/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]
.github/workflows/pr.yml (3)
amannn/action-semantic-pull-request v6.1.1@48f256284bd46cdaab1048c3721360e808335d50actions/labeler v6@634933edcd8ababfe52f92936142cc22ac488b1bpascalgn/size-label-action v0.5.7@56b489b027932ec0cf60438a1a5f1a19c8fc71ff
.github/workflows/scans.yml (16)
actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83ddoxsecurity/megalinter v9@8fbdead70d1409964ab3d5afa885e18ee85388bbactions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0agithub/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83ddmicrosoft/security-devops-action v1@08976cb623803b1b36d7112d4ff9f59eae704de0github/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83ddaquasecurity/trivy-action 0.30@57a97c7e7821a5776cebc9bb87c984fa69cba8f1aquasecurity/trivy-action 0.30@57a97c7e7821a5776cebc9bb87c984fa69cba8f1github/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dddocker/build-push-action v7@bcafcacb16a39f128d818304e6c9c0c18556b85faquasecurity/trivy-action 0.30@57a97c7e7821a5776cebc9bb87c984fa69cba8f1aquasecurity/trivy-action 0.30@57a97c7e7821a5776cebc9bb87c984fa69cba8f1github/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]
pip_requirements (1)
requirements.txt
pre-commit (1)
.pre-commit-config.yaml (8)
pre-commit/pre-commit v4.5.1pre-commit/pre-commit-hooks v6.0.0gitleaks/gitleaks v8.30.1rhysd/actionlint v1.7.12editorconfig-checker/editorconfig-checker v3.6.1hadolint/hadolint v2.14.0DavidAnson/markdownlint-cli2 v0.22.0google/yamlfmt v0.21.0
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Repository Problems
These problems occurred while renovating this repository. View logs.
Abandoned Dependencies
The following dependencies have not received updates for an extended period and may be unmaintained.
View abandoned dependencies (1)
2024-11-07Warning
Renovate failed to look up the following dependencies:
Could not determine new digest for update (github-tags package ossf/scorecard-action),Could not determine new digest for update (github-tags package microsoft/security-devops-action),Could not determine new digest for update (github-tags package aquasecurity/trivy-action).Files affected:
.github/workflows/ossf.yml,.github/workflows/scans.ymlOpen
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
Vulnerabilities
Renovate has not found any CVEs on osv.dev.
Detected Dependencies
docker-compose (1)
dockerfile (1)
github-actions (5)
pip_requirements (1)
pre-commit (1)