Skip to content

Dependency Dashboard #16

Description

@renovate

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (3)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource Package Last Updated
npm cz-conventional-changelog 2020-08-26
npm prettier-plugin-toml 2025-07-10
pre-commit Yelp/detect-secrets 2024-05-06

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

  • chore(deps): update mcr.microsoft.com/devcontainers/universal:2 docker digest to dca6a98
  • chore(deps): update peaceiris/actions-gh-pages digest to 84c30a8
  • chore(deps): update dependency commitizen to v4.3.2
  • chore(deps): update commitlint monorepo to v19.8.1 (@commitlint/cli, @commitlint/config-conventional)
  • chore(deps): update dependency cz-git to v1.13.1
  • chore(deps): update dependency gradle to v8.14.5
  • chore(deps): update dependency prettier to v3.9.5
  • chore(deps): update dependency python to v3.14.6
  • chore(deps): update node.js to v22.23.1
  • chore(deps): update plugin com.github.spotbugs to v6.5.9
  • chore(deps): update plugin com.vanniktech.maven.publish to v0.37.0
  • chore(deps): update plugin info.solidsoft.pitest to v1.19.0
  • chore(deps): update plugin name.remal.sonarlint to v4.3.5
  • chore(deps): update plugin org.gradle.toolchains.foojay-resolver-convention to v0.10.0
  • chore(deps): update plugin org.openrewrite.rewrite to v6.29.4
  • fix(deps): update dependency checkstyle to v10.26.1
  • fix(deps): update dependency org.junit.jupiter:junit-jupiter to v5.14.4
  • fix(deps): update dependency org.openrewrite.recipe:rewrite-java-security to v2.17.2
  • fix(deps): update dependency org.openrewrite.recipe:rewrite-static-analysis to v1.22.1
  • chore(deps): update actions/checkout action to v7
  • chore(deps): update actions/dependency-review-action action to v5
  • chore(deps): update actions/first-interaction action to v3
  • chore(deps): update actions/labeler action to v6
  • chore(deps): update actions/setup-java action to v5
  • chore(deps): update actions/setup-node action to v7
  • chore(deps): update actions/stale action to v10
  • chore(deps): update codecov/codecov-action action to v7
  • chore(deps): update commitlint monorepo to v21 (@commitlint/cli, @commitlint/config-conventional)
  • chore(deps): update dependency gradle to v9
  • chore(deps): update dependency java to v25
  • chore(deps): update github/codeql-action action to v4
  • chore(deps): update gradle/actions action to v6
  • chore(deps): update mcr.microsoft.com/devcontainers/universal docker tag to v6
  • chore(deps): update node.js to v24
  • chore(deps): update npm to v12
  • chore(deps): update plugin com.diffplug.spotless to v8
  • chore(deps): update plugin name.remal.sonarlint to v7
  • chore(deps): update plugin org.gradle.toolchains.foojay-resolver-convention to v1
  • chore(deps): update plugin org.openrewrite.rewrite to v7
  • fix(deps): update dependency checkstyle to v13
  • fix(deps): update dependency org.junit.jupiter:junit-jupiter to v6
  • fix(deps): update dependency org.openrewrite.recipe:rewrite-java-security to v3
  • fix(deps): update dependency org.openrewrite.recipe:rewrite-static-analysis to v2
  • chore(deps): lock file maintenance
  • 🔐 Create all rate-limited PRs at once 🔐

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (docker package ghcr.io/devcontainers/features/java), Could not determine new digest for update (docker package ghcr.io/devcontainers/features/python), Could not determine new digest for update (docker package ghcr.io/devcontainers/features/node), Could not determine new digest for update (github-tags package actions/dependency-review-action).

Files affected: .devcontainer/devcontainer.json, .github/workflows/dependency-review-on-pr.yml


Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

Detected Dependencies

devcontainer (1)
.devcontainer/devcontainer.json (4)
  • mcr.microsoft.com/devcontainers/universal 2@sha256:468fdde10b4dcd013ef25228f50631ee9c4488dfcdeeee3777051efd1137ecb4 → [Updates: 6, 2]
  • ghcr.io/devcontainers/features/java 1@sha256:5f3ec36d8accba9f48f5b37f8df6555fe1d62f2561f10eeb3641c1aa808a91cd
  • ghcr.io/devcontainers/features/python 1@sha256:3813e9f72e3f858188904be8504f0ccaae53e41a62430b503bc146bd0f072976
  • ghcr.io/devcontainers/features/node 1@sha256:6c4f444d8e3eb68594d60ec128bce76a80647edc2b9a94960ca377895855145f
github-actions (15)
.github/actions/ci-setup/action.yml (4)
  • actions/setup-node v4@60edb5dd545a775178f52524783378180af0d1f8 → [Updates: v7, v4]
  • actions/setup-java v4@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 → [Updates: v5, v4]
  • gradle/actions v3@db19848a5fa7950289d3668fb053140cf3028d43 → [Updates: v6, v3]
  • node 22.1.0 → [Updates: 22.23.1, 24.18.0]
.github/workflows/codeql.yml (3)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • github/codeql-action v3@23acc5c183826b7a8a97bce3cecc52db901f8251 → [Updates: v4, v3]
  • github/codeql-action v3@23acc5c183826b7a8a97bce3cecc52db901f8251 → [Updates: v4, v3]
.github/workflows/dependency-review-on-pr.yml (2)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • actions/dependency-review-action v4@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c → [Updates: v5.0.0]
.github/workflows/dependency-submission-download-submit.yml (1)
  • gradle/actions v3@db19848a5fa7950289d3668fb053140cf3028d43 → [Updates: v6, v3]
.github/workflows/dependency-submission-on-pr.yml (2)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • gradle/actions v3@db19848a5fa7950289d3668fb053140cf3028d43 → [Updates: v6, v3]
.github/workflows/dependency-submission-on-push.yml (2)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • gradle/actions v3@db19848a5fa7950289d3668fb053140cf3028d43 → [Updates: v6, v3]
.github/workflows/gh-pages.yml (2)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • peaceiris/actions-gh-pages v4@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e → [Updates: v4]
.github/workflows/gradle-check-build.yml (3)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • codecov/codecov-action v4.6.0@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 → [Updates: v7.0.0]
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
.github/workflows/greetings.yml (1)
  • actions/first-interaction v1 → [Updates: v3, v1]
.github/workflows/labeler.yml (1)
  • actions/labeler v5@8558fd74291d67161a8a78ce36a881fa63b766a9 → [Updates: v6]
.github/workflows/publish.yml (1)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
.github/workflows/releaser.yml (1)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
.github/workflows/semgrep.yml (3)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • github/codeql-action v3@23acc5c183826b7a8a97bce3cecc52db901f8251 → [Updates: v4, v3]
  • semgrep/semgrep sha256:4614ec53294cc63f086755157dfb108121c69087d15c3e8d4c7ac603fb0eaa54 → [Updates: undefined]
.github/workflows/snyk.yml (2)
  • actions/checkout v4@a5ac7e51b41094c92402da3b24376905380afc29 → [Updates: v7, v4]
  • github/codeql-action v3@23acc5c183826b7a8a97bce3cecc52db901f8251 → [Updates: v4, v3]
.github/workflows/stale.yml (1)
  • actions/stale v9@28ca1036281a5e5922ead5184a1bbf96e5fc984e → [Updates: v10, v9]
gradle (3)
build.gradle (11)
  • com.diffplug.spotless 6.25.0 → [Updates: 8.8.0]
  • com.vanniktech.maven.publish 0.30.0 → [Updates: 0.37.0]
  • org.openrewrite.rewrite 6.26.0 → [Updates: 6.29.4, 7.37.0]
  • com.github.spotbugs 6.0.25 → [Updates: 6.5.9]
  • name.remal.sonarlint 4.2.13 → [Updates: 4.3.5, 7.1.4]
  • info.solidsoft.pitest 1.15.0 → [Updates: 1.19.0]
  • org.openrewrite.recipe:rewrite-static-analysis 1.19.0 → [Updates: 1.22.1, 2.39.0]
  • org.openrewrite.recipe:rewrite-java-security 2.14.1 → [Updates: 2.17.2, 3.35.2]
  • org.junit.jupiter:junit-jupiter 5.11.3 → [Updates: 5.14.4, 6.1.2]
  • org.slf4j:slf4j-api 2.0.16 → [Updates: 2.0.18]
  • checkstyle 10.19.0 → [Updates: 10.26.1, 13.8.0]
gradle.properties
settings.gradle (1)
  • org.gradle.toolchains.foojay-resolver-convention 0.8.0 → [Updates: 0.10.0, 1.0.0]
gradle-wrapper (1)
gradle/wrapper/gradle-wrapper.properties (1)
  • gradle 8.10.2 → [Updates: 8.14.5, 9.6.1]
mise (1)
.mise.toml (4)
  • java 21.0.10+7.0.LTS → [Updates: 21.0.11+10.0.LTS, 25.0.3+9.0.LTS]
  • gradle 8.7 → [Updates: 8.14.5, 9.6.1]
  • python 3.13.0 → [Updates: 3.14.6]
  • node 22.10.0 → [Updates: 22.23.1, 24.18.0]
npm (1)
package.json (8)
  • @commitlint/cli 19.5.0 → [Updates: 19.8.1, 21.2.1]
  • @commitlint/config-conventional 19.5.0 → [Updates: 19.8.1, 21.2.0]
  • commitizen 4.3.1 → [Updates: 4.3.2]
  • cz-conventional-changelog 3.3.0
  • cz-git 1.10.1 → [Updates: 1.13.1]
  • prettier 3.3.3 → [Updates: 3.9.5]
  • prettier-plugin-toml 2.0.6
  • npm 10.9.8 → [Updates: 12.0.1]
pre-commit (1)
.pre-commit-config.yaml (2)
  • gitleaks/gitleaks 79cac73f7267f4a48f4bc73db11e105a6098a836
  • Yelp/detect-secrets 52759b86b8e311a8ba0e8d464001b1bf353f54f8

  • Check this box to trigger a request for Renovate to run again on this repository

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    Status
    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions