Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependency Dashboard #5

Open
38 tasks
renovate bot opened this issue Apr 15, 2024 · 0 comments
Open
38 tasks

Dependency Dashboard #5

renovate bot opened this issue Apr 15, 2024 · 0 comments

Comments

@renovate
Copy link
Contributor

renovate bot commented Apr 15, 2024

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed (error)

The Config Migration branch exists but has been modified by another user. Renovate will not push to this branch unless it is first deleted.

See Config Migration PR: #187.

Pending Approval

These branches will be created by Renovate only once you click their checkbox below.

  • chore(deps): update dependency protoc to v29
  • chore(deps): update dependency ubuntu to v24
  • chore(deps): update goreleaser/goreleaser-action action to v6
  • chore(deps): update pre-commit hook pre-commit/pre-commit-hooks to v5
  • chore(deps): update thollander/actions-comment-pull-request action to v3
  • fix(deps): update module github.com/cedar-policy/cedar-go to v1
  • fix(deps): update module github.com/knadh/koanf/providers/env to v1
  • fix(deps): update module github.com/knadh/koanf/providers/file to v1
  • 🔐 Create all pending approval PRs at once 🔐

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • chore(deps): update actions/setup-go digest to 3041bf5
  • chore(deps): update actions/upload-artifact digest to 6f51ac0
  • chore(deps): update prom/prometheus docker digest to 565ee86
  • chore(deps): update returntocorp/semgrep docker digest to 7acf76e
  • chore(deps): update sonarsource/sonarcloud-github-action digest to 02ef911
  • chore(deps): update google/osv-scanner-action action to v1.9.2
  • chore(deps): update pre-commit hook google/osv-scanner/ to v1.9.2
  • fix(deps): update module github.com/jackc/pgx/v5 to v5.7.2
  • chore(deps): update dependency node to v22.12.0
  • chore(deps): update pre-commit hook gitleaks/gitleaks to v8.22.0
  • fix(deps): update module go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp to v0.58.0
  • fix(deps): update module google.golang.org/grpc to v1.69.2
  • fix(deps): update module google.golang.org/protobuf to v1.36.1
  • fix(deps): update opentelemetry-go monorepo to v1.33.0 (go.opentelemetry.io/otel, go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp, go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp, go.opentelemetry.io/otel/exporters/stdout/stdoutmetric, go.opentelemetry.io/otel/exporters/stdout/stdouttrace, go.opentelemetry.io/otel/metric, go.opentelemetry.io/otel/sdk, go.opentelemetry.io/otel/sdk/metric, go.opentelemetry.io/otel/trace)
  • 🔐 Create all rate-limited PRs at once 🔐

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Vulnerabilities

4/7 CVEs have Renovate fixes.

gomod
go.mod
github.com/docker/docker
golang.org/x/crypto
golang.org/x/net

Detected dependencies

docker-compose
docker-compose.development.yml
  • postgres sha256:163763c8afd28cae69035ce84b12d8180179559c747c0701b3cad17818a0dbc5
  • otel/opentelemetry-collector sha256:756725f13cfbd34be6d7210419e06243f078090f6190a637b766beb4293417cf
  • prom/prometheus sha256:3b9b2a15d376334da8c286d995777d3b9315aa666d2311170ada6059a517b74f
  • grafana/grafana-oss sha256:a0f881232a6fb71a0554a47d0fe2203b6888fe77f4cefb7ea62bed7eb54e13c3
  • jaegertracing/all-in-one 1.60@sha256:4fd2d70fa347d6a47e79fcb06b1c177e6079f92cba88b083153d56263082135e
dockerfile
Dockerfile
  • cgr.dev/chainguard/glibc-dynamic latest@sha256:d000aed862c42a81317eccd6aa10a5ad3eadd29b3483d7340e1b44ae1de81641
github-actions
.github/workflows/codegen_check.yaml
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • jdx/mise-action v2.1.6@53d027c2e96fed8f955f5d95bff910a3e031cc58
  • thollander/actions-comment-pull-request v2.5.0@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
  • thollander/actions-comment-pull-request v2.5.0@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
.github/workflows/integration-test.yaml
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • jdx/mise-action v2.1.6@53d027c2e96fed8f955f5d95bff910a3e031cc58
  • docker/login-action v3@9780b0c442fbb1117ed29e0efdff1e18412f7567
  • anchore/sbom-action v0.17.7@fc46e51fd3cb168ffb36c6d1915723c47db58abb
  • actions/setup-go v5@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed
  • goreleaser/goreleaser-action v5@5742e2a039330cbb23ebf35f046f814d4c6ff811
.github/workflows/osv-scanner.yaml
  • google/osv-scanner-action v1.9.0@19ec1116569a47416e11a45848722b1af31a857b
  • google/osv-scanner-action v1.9.0@19ec1116569a47416e11a45848722b1af31a857b
.github/workflows/release.yaml
  • sigstore/cosign-installer v3@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • docker/login-action v3@9780b0c442fbb1117ed29e0efdff1e18412f7567
  • anchore/sbom-action v0.17.7@fc46e51fd3cb168ffb36c6d1915723c47db58abb
  • actions/setup-go v5@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed
  • goreleaser/goreleaser-action v5@5742e2a039330cbb23ebf35f046f814d4c6ff811
.github/workflows/scorecard.yaml
  • actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
  • ossf/scorecard-action v2.4.0@62b2cac7ed8198b15735ed49ab1e5cf35480ba46
  • actions/upload-artifact v4@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
  • github/codeql-action v3.27.4@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f
.github/workflows/semgrep.yml
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • returntocorp/semgrep sha256:f35c7891e2030110a84a721fdd556ce8f3da6e7e69d7fab1d3660ae1bb334474
  • ubuntu 22.04
.github/workflows/sonarcloud.yaml
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • jdx/mise-action v2.1.6@53d027c2e96fed8f955f5d95bff910a3e031cc58
  • sonarsource/sonarcloud-github-action 9f9bba2c7aaf7a55eac26abbac906c3021d211b2
.github/workflows/update-cache.yaml
  • actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683
  • jdx/mise-action v2.1.6@53d027c2e96fed8f955f5d95bff910a3e031cc58
gomod
go.mod
  • go 1.22.7
  • go 1.23.3
  • github.com/cedar-policy/cedar-go v0.1.0
  • github.com/exaring/otelpgx v0.7.0
  • github.com/go-playground/validator/v10 v10.23.0
  • github.com/golang-migrate/migrate/v4 v4.18.1
  • github.com/jackc/pgx/v5 v5.7.1
  • github.com/knadh/koanf/parsers/yaml v0.1.0
  • github.com/knadh/koanf/providers/confmap v0.1.0
  • github.com/knadh/koanf/providers/env v0.1.0
  • github.com/knadh/koanf/providers/file v0.1.0
  • github.com/knadh/koanf/v2 v2.1.2
  • github.com/stretchr/testify v1.9.0
  • github.com/testcontainers/testcontainers-go v0.34.0
  • github.com/testcontainers/testcontainers-go/modules/postgres v0.34.0
  • github.com/urfave/cli/v2 v2.27.5
  • go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.57.0
  • go.opentelemetry.io/otel v1.32.0
  • go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.32.0
  • go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.32.0
  • go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.32.0
  • go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.32.0
  • go.opentelemetry.io/otel/metric v1.32.0
  • go.opentelemetry.io/otel/sdk v1.32.0
  • go.opentelemetry.io/otel/sdk/metric v1.32.0
  • go.opentelemetry.io/otel/trace v1.32.0
  • google.golang.org/grpc v1.68.0
  • google.golang.org/protobuf v1.35.2
  • gopkg.in/yaml.v3 v3.0.1
  • golang.org/x/crypto v0.28.0
  • golang.org/x/net v0.30.0
mise
.mise.toml
  • go 1.22.6
  • protoc 26.1
  • node 22.11.0
pre-commit
.pre-commit-config.yaml
  • gitleaks/gitleaks v8.21.2
  • google/osv-scanner/ v1.9.1
  • pre-commit/pre-commit-hooks v4.6.0

  • Check this box to trigger a request for Renovate to run again on this repository
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

0 participants