Skip to content

Dependency Dashboard #408

New issue
New issue
Open
Open
Dependency Dashboard#408
@forking-renovate

Description

@forking-renovate
forking-renovate
bot
opened on Jun 27, 2022

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository Problems

These problems occurred while renovating this repository. View logs.

  • ⚠️ WARN: Package lookup failures

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (15)
Datasource Package Last Updated
github-actions bazelbuild/setup-bazelisk 2024-02-02
github-actions geekyeggo/delete-artifact 2024-08-31
github-actions gradle/gradle-build-action 2024-07-15
github-actions thehanimo/pr-title-checker 2024-11-25
gomod github.com/google/go-cmp 2025-01-14
gomod github.com/pborman/uuid 2019-10-24
gomod gopkg.in/yaml.v3 2022-05-27
npm @octokit/webhooks-types 2024-10-03
npm markdown-toc 2017-09-19

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

  • chore(deps): update dependency org.apache.maven.plugins:maven-plugin-plugin to v3.15.2
  • chore(deps): update dependency org.apache.maven.plugins:maven-shade-plugin to v3.6.1
  • fix(deps): update dependency org.apache.maven:maven-plugin-api to v3.9.12
  • fix(deps): update dependency org.apache.maven.plugin-tools:maven-plugin-annotations to v3.15.2
  • chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.12.0
  • chore(deps): update npm dev (major) (@types/jest, @types/node, @typescript-eslint/eslint-plugin, @typescript-eslint/parser, eslint, eslint-plugin-github, jest, renovate, sigstore)
  • fix(deps): update dependency @sigstore/rekor-types to v4
  • fix(deps): update dependency sigstore to v4
  • fix(deps): update module github.com/sigstore/sigstore-go to v1
  • 🔐 Create all awaiting schedule PRs at once 🔐

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

  • chore(deps): update dependency org.apache.maven.plugins:maven-source-plugin to v3.4.0
  • fix(deps): update module github.com/in-toto/in-toto-golang to v0.10.0
  • chore(deps): update dependency pathspec to v1
  • fix(deps): update dependency @actions/core to v3
  • fix(deps): update dependency @actions/github to v9
  • fix(deps): update module github.com/google/go-github/v57 to v84
  • chore(deps): lock file maintenance
  • 🔐 Create all rate-limited PRs at once 🔐

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

  • fix(deps): update go (github.com/coreos/go-oidc/v3, github.com/go-openapi/strfmt, github.com/go-openapi/swag, github.com/google/go-cmp, github.com/secure-systems-lab/go-securesystemslib, github.com/sigstore/sigstore-go, github.com/spf13/cobra)

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package io.github.slsa-framework.slsa-github-generator:hash-maven-plugin.

Files affected: e2e/maven/workflow_dispatch/pom.xml

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

Detected Dependencies

github-actions (56)
.github/actions/generate-builder/action.yml (2)
  • actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 → [Updates: v5.6.0, v6.3.0]
  • go ${{ inputs.go-version }}
.github/actions/secure-builder-checkout/action.yaml (1)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/actions/secure-download-artifact/action.yml (1)
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
.github/actions/secure-download-folder/action.yml (1)
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
.github/actions/secure-project-checkout-go/action.yml (2)
  • actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 → [Updates: v5.6.0, v6.3.0]
  • go ${{ steps.validate.outputs.go_version }}
.github/actions/secure-project-checkout-node/action.yml (2)
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • node ${{ inputs.node-version }}
.github/actions/secure-project-checkout/action.yaml (1)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/actions/secure-upload-artifact/action.yml (1)
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
.github/actions/secure-upload-folder/action.yml
.github/workflows/builder_bazel_slsa3.yml
.github/workflows/builder_container-based_slsa3.yml (14)
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • google-github-actions/auth v2.1.10@ba79af03959ebeac9769e648f473a284504d9193 → [Updates: v2.1.13, v3.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • softprops/action-gh-release v2.3.2@72f2c25fcb47643c292f7107632f7a47c1df5cd8 → [Updates: v2.5.0]
  • softprops/action-gh-release v2.3.2@72f2c25fcb47643c292f7107632f7a47c1df5cd8 → [Updates: v2.5.0]
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
.github/workflows/builder_go_slsa3.yml (3)
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • softprops/action-gh-release v2.3.2@72f2c25fcb47643c292f7107632f7a47c1df5cd8 → [Updates: v2.5.0]
.github/workflows/builder_gradle_slsa3.yml
.github/workflows/builder_maven_slsa3.yml
.github/workflows/builder_nodejs_slsa3.yml
.github/workflows/codeql-analysis.yml (4)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • github/codeql-action v3.29.0@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 → [Updates: v3.32.4, v4.32.4]
  • github/codeql-action v3.29.0@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 → [Updates: v3.32.4, v4.32.4]
  • github/codeql-action v3.29.0@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 → [Updates: v3.32.4, v4.32.4]
.github/workflows/delegator_generic_slsa3.yml (2)
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
.github/workflows/delegator_lowperms-generic_slsa3.yml (2)
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
  • geekyeggo/delete-artifact v5.1.0@f275313e70c08f6120db482d7a6b98377786765b
.github/workflows/e2e.create-container_based-predicate.schedule.yml (3)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/e2e.detect-workflow-js.schedule.yml (3)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/e2e.sign-attestations.schedule.yml (5)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-node v4@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • node 22
.github/workflows/e2e.upload-folder.schedule.yml (4)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/generator_container_slsa3.yml (2)
  • google-github-actions/auth v2.1.10@ba79af03959ebeac9769e648f473a284504d9193 → [Updates: v2.1.13, v3.0.0]
  • sigstore/cosign-installer v3.9.1@398d4b0eeef1380460a10c8013a76f728fb906ac → [Updates: v3.10.1, v4.0.0]
.github/workflows/generator_generic_slsa3.yml (2)
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • softprops/action-gh-release v2.3.2@72f2c25fcb47643c292f7107632f7a47c1df5cd8 → [Updates: v2.5.0]
.github/workflows/pre-submit.actions.yml (20)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • node 22
.github/workflows/pre-submit.apis.yml (1)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/pre-submit.delegators.yml (1)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/pre-submit.e2e.container-based.default.yml (3)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
.github/workflows/pre-submit.e2e.generic.default.yml (6)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
.github/workflows/pre-submit.e2e.go.config-ldflags-main-dir.yml (3)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
.github/workflows/pre-submit.e2e.maven.yml
.github/workflows/pre-submit.lint.yml (18)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 → [Updates: v5.6.0, v6.3.0]
  • actions/setup-node v3.9.1@3235b876344d2a9aa001b8d1453c930bba69e610 → [Updates: v6.2.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 → [Updates: v5.6.0, v6.3.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • go 1.22.3
  • node 22
  • node 22
  • node 22
  • node 22
.github/workflows/pre-submit.pr-title.yml (1)
  • thehanimo/pr-title-checker v1.4.3@7fbfe05602bdd86f926d3fb3bccb6f3aed43bc70
.github/workflows/pre-submit.units.yml (6)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 → [Updates: v5.6.0, v6.3.0]
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • node 22
.github/workflows/release.yml (2)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
.github/workflows/schedule.issue-reopener.yml (2)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • ianlewis/todo-issue-reopener v1.7.0@05ca1b2493e450e1cc464bb25e0fa735ae8e4a00
.github/workflows/scorecards.yml (4)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • ossf/scorecard-action v2.4.2@05b42c624433fc40578a4040d5cf5e36ddca8cde → [Updates: v2.4.3]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • github/codeql-action v3.29.0@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 → [Updates: v3.32.4, v4.32.4]
.github/workflows/update-actions-dist-post-commit.yml (4)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.0]
actions/delegator/random/action.yml
actions/delegator/secure-attestations-download/action.yml
actions/delegator/secure-download-folder/action.yml
actions/delegator/secure-upload-folder/action.yml
actions/generator/generic/create-base64-subjects-from-file/action.yml
actions/gradle/publish/action.yml (2)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 → [Updates: v4.8.0, v5.2.0]
actions/gradle/secure-download-attestations/action.yml
actions/gradle/secure-download-target/action.yml
actions/maven/publish/action.yml (1)
  • actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 → [Updates: v4.8.0, v5.2.0]
actions/maven/secure-download-attestations/action.yml
actions/maven/secure-download-target/action.yml
actions/nodejs/publish/action.yml
actions/nodejs/secure-attestations-download/action.yml
actions/nodejs/secure-package-download/action.yml
internal/builders/bazel/action.yml (2)
  • bazelbuild/setup-bazelisk v3.0.0@b39c379c82683a5f25d34f0d062761f62693e0b2
  • actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 → [Updates: v4.8.0, v5.2.0]
internal/builders/gradle/action.yml (3)
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v4.3.1, v6.0.2]
  • actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 → [Updates: v4.8.0, v5.2.0]
  • gradle/gradle-build-action v3.5.0@ac2d340dc04d9e1113182899e983b5400c17cda1
internal/builders/maven/action.yml (2)
  • actions/checkout 09d2acae674a48949e3602304ab46fd20ae0c42f → [Updates: undefined]
  • actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 → [Updates: v4.8.0, v5.2.0]
internal/builders/nodejs/action.yml (2)
  • actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.2.0]
  • node ${{ fromJson(inputs.slsa-workflow-inputs).node-version }}
gomod (3)
go.mod (17)
  • go 1.23.1
  • github.com/coreos/go-oidc/v3 v3.11.0 → [Updates: v3.17.0]
  • github.com/go-jose/go-jose/v4 v4.0.4 → [Updates: v4.0.5]
  • github.com/go-openapi/strfmt v0.23.0 → [Updates: v0.25.0]
  • github.com/go-openapi/swag v0.23.0 → [Updates: v0.25.4]
  • github.com/google/go-cmp v0.6.0 → [Updates: v0.7.0]
  • github.com/google/go-github/v57 v57.0.0 → [Updates: v84.0.0]
  • github.com/in-toto/in-toto-golang v0.9.0 → [Updates: v0.10.0]
  • github.com/pelletier/go-toml v1.9.5 → [Updates: v2.2.4]
  • github.com/secure-systems-lab/go-securesystemslib v0.8.0 → [Updates: v0.10.0]
  • github.com/sigstore/cosign/v2 v2.4.1 → [Updates: v2.6.2]
  • github.com/sigstore/rekor v1.3.6 → [Updates: v1.5.0]
  • github.com/sigstore/sigstore v1.8.10 → [Updates: v1.10.4]
  • github.com/sigstore/sigstore-go v0.6.1 → [Updates: v0.7.3, v1.1.4]
  • github.com/spf13/cobra v1.8.1 → [Updates: v1.10.2]
  • golang.org/x/oauth2 v0.23.0 → [Updates: v0.27.0]
  • gopkg.in/yaml.v3 v3.0.1
internal/builders/go/e2e-presubmits/go.mod (2)
  • go 1.23.1
  • github.com/pborman/uuid v1.2.1
internal/builders/go/pkg/testdata/go/go.mod (1)
  • go 1.23.1
maven (2)
actions/maven/publish/slsa-hashing-plugin/pom.xml (5)
  • org.apache.maven:maven-plugin-api 3.9.9 → [Updates: 3.9.12]
  • org.apache.maven.plugin-tools:maven-plugin-annotations 3.15.1 → [Updates: 3.15.2]
  • org.apache.maven:maven-core 3.9.9 → [Updates: 3.9.12]
  • org.json:json 20231013
  • org.apache.maven.plugins:maven-plugin-plugin 3.15.1 → [Updates: 3.15.2]
e2e/maven/workflow_dispatch/pom.xml (7)
  • org.apache.maven.plugins:maven-source-plugin 3.3.1 → [Updates: 3.4.0]
  • org.apache.maven.plugins:maven-javadoc-plugin 3.11.2 → [Updates: 3.12.0]
  • org.apache.maven.plugins:maven-shade-plugin 3.6.0 → [Updates: 3.6.1]
  • org.sonatype.plugins:nexus-staging-maven-plugin 1.7.0
  • org.apache.maven.plugins:maven-gpg-plugin 3.2.7 → [Updates: 3.2.8]
  • org.apache.maven.plugins:maven-deploy-plugin 3.1.3 → [Updates: 3.1.4]
  • io.github.slsa-framework.slsa-github-generator:hash-maven-plugin 0.0.1
npm (10)
.github/actions/compute-sha256/package.json (10)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/create-container_based-predicate/package.json (15)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @types/jest 29.5.14 → [Updates: 30.0.0]
  • @types/make-fetch-happen 10.0.4
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • jest 29.7.0 → [Updates: 30.2.0]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • ts-jest 29.2.5 → [Updates: 29.4.6]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/detect-workflow-js/package.json (13)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @types/jest 29.5.14 → [Updates: 30.0.0]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • ts-jest 29.2.5 → [Updates: 29.4.6]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/generate-attestations/package.json (13)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @types/jest 29.5.14 → [Updates: 30.0.0]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • ts-jest 29.2.5 → [Updates: 29.4.6]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/privacy-check/package.json (11)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/sign-attestations/package.json (14)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @sigstore/rekor-types 2.0.0 → [Updates: 4.0.0]
  • sigstore 2.3.1 → [Updates: 4.1.0]
  • @types/make-fetch-happen 10.0.4
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/tscommon/package.json (11)
  • @types/jest 29.5.14 → [Updates: 30.0.0]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • ts-jest 29.2.5 → [Updates: 29.4.6]
  • typescript 5.7.3 → [Updates: 5.9.3]
.github/actions/verify-token/package.json (19)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @octokit/webhooks-types 7.6.1
  • @sigstore/rekor-types 2.0.0 → [Updates: 4.0.0]
  • sigstore 2.3.1 → [Updates: 4.1.0]
  • yaml 2.5.1 → [Updates: 2.8.2]
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @types/jest 29.5.14 → [Updates: 30.0.0]
  • @types/make-fetch-happen 10.0.4
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • jest 29.7.0 → [Updates: 30.2.0]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • ts-jest 29.2.5 → [Updates: 29.4.6]
  • typescript 5.7.3 → [Updates: 5.9.3]
actions/delegator/setup-generic/package.json (14)
  • @actions/core 1.11.1 → [Updates: 3.0.0]
  • @actions/github 6.0.0 → [Updates: 6.0.1, 9.0.0]
  • @sigstore/rekor-types 2.0.0 → [Updates: 4.0.0]
  • sigstore 2.3.1 → [Updates: 4.1.0]
  • @types/make-fetch-happen 10.0.4
  • @types/node 20.17.19 → [Updates: 20.19.34, 24.10.14]
  • @typescript-eslint/eslint-plugin 6.21.0 → [Updates: 8.56.1]
  • @typescript-eslint/parser 6.21.0 → [Updates: 8.56.1]
  • @vercel/ncc 0.38.3 → [Updates: 0.38.4]
  • eslint 8.57.1 → [Updates: 10.0.2]
  • eslint-plugin-github 4.10.2 → [Updates: 6.0.0]
  • eslint-plugin-prettier 5.2.3 → [Updates: 5.5.5]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • typescript 5.7.3 → [Updates: 5.9.3]
package.json (6)
  • @sigstore/cli 0.8.1 → [Updates: 0.9.0]
  • markdown-toc 1.2.0
  • markdownlint-cli 0.44.0 → [Updates: 0.47.0]
  • prettier 3.5.1 → [Updates: 3.8.1]
  • renovate 39.174.3 → [Updates: 39.264.1, 43.39.2]
  • sigstore 2.3.1 → [Updates: 4.1.0]
pip_requirements (1)
requirements.txt (2)
  • yamllint ==1.35.1 → [Updates: ==1.38.0]
  • pathspec ==0.12.1 → [Updates: ==1.0.4]
  • Check this box to trigger a request for Renovate to run again on this repository

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions