Dependency Dashboard

[descope]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Package lookup failures

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• ci(action): update actions/create-github-app-token action to v2.2.2
• ci(action): update actions/setup-go action to v6.4.0
• ci(action): update aws-actions/amazon-ecr-login action to v2.1.2
• fix(deps): update module google.golang.org/grpc to v1.80.0
• ci(action): update actions/create-github-app-token action to v3

---

Warning

Renovate failed to look up the following dependencies: Failed to look up github-tags package aquasecurity/trivy-action.

Files affected: .github/actions/pack/action.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency golangci/golangci-lint to v2
• ci(action): update docker/login-action action to v4
• ci(action): update golangci/golangci-lint-action action to v7
• ci(action): update golangci/golangci-lint-action action to v8
• ci(action): update golangci/golangci-lint-action action to v9
• ci(action): update sigstore/cosign-installer action to v4
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

0/3 CVEs have Renovate fixes.

gomod

go.mod

github.com/aws/aws-sdk-go

• GO-2022-0635
• GO-2022-0646

github.com/buger/jsonparser

• GO-2026-4514

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• golang 1.26

github-actions (8)

.github/actions/auth-setup/action.yaml (1)

• actions/create-github-app-token v2.2.1@29824e69f54612133e76f7eaac726eef6c875baf → [Updates: v2.2.2, v3.0.0]

.github/actions/build/action.yml (1)

• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]

.github/actions/docker-metadata/action.yml (1)

• docker/metadata-action v6.0.0@030e881283bb7a6894de51c315a6bfe6a94e05cf

.github/actions/lint/action.yml (3)

• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]
• golangci/golangci-lint-action v6.5.2@8564da7cb3c6866ed1da648ca8f00a258ef0c802 → [Updates: v7.0.1, v8.0.0, v9.2.0, v6.5.2]
• golangci/golangci-lint v1.64.8 → [Updates: v2.11.3]

.github/actions/pack/action.yml (9)

• docker/login-action v4.0.0@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4.1.0]
• aws-actions/configure-aws-credentials v6.0.0@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
• aws-actions/amazon-ecr-login v2.0.1@062b18b96a7aff071d4dc91bc00c4c1a7945b076 → [Updates: v2.1.2]
• docker/login-action v4.0.0@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4.1.0]
• docker/setup-buildx-action v4.0.0@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7.0.0@d08e5c354a6adb9ed34480a06d141179aa583294
• aquasecurity/trivy-action 0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
• actions/attest v4.1.0@59d89421af93a897026c735860bf21b6eb4f7b26
• sigstore/cosign-installer v3.10.1@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 → [Updates: v4.1.0]

.github/actions/security/action.yml (2)

• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f

.github/actions/setup/action.yml (2)

• tibdex/github-app-token v2.1.0@3beb63f4bd073e61482598c45c71c1019b59b73a
• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]

.github/workflows/ci.yml (10)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/login-action v3.7.0@c94ce9fb468520275223c153574b00df6fe4bcc9 → [Updates: v4.0.0]
• docker/setup-buildx-action v4.0.0@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7.0.0@d08e5c354a6adb9ed34480a06d141179aa583294
• peter-evans/dockerhub-description v5.0.0@1b9a80c056b620d92cedb9d9b5a223409c68ddfa

gomod (1)

go.mod (14)

• go 1.26.1
• github.com/descope/common v0.0.9-0.20260313223916-39a93bb37c9b@39a93bb37c9b
• github.com/descope/go-sdk v1.14.0
• github.com/descope/golang-lru v0.5.5-0.20220516120313-0c580df2ac14@0c580df2ac14
• github.com/descope/protoc-gen-mocker v1.0.1-0.20260331024316-4699e3715868@4699e3715868
• github.com/descope/protoc-gen-validate v1.6.6-0.20260331020626-5ba82bae1f35@5ba82bae1f35
• github.com/stretchr/testify v1.11.1
• google.golang.org/grpc v1.79.3 → [Updates: v1.80.0]
• google.golang.org/protobuf v1.36.11
• github.com/descope/authzservice v0.0.0-20260314201854-0eda79b79169@0eda79b79169
• github.com/google/gnostic v0.7.1
• github.com/google/uuid v1.6.0
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0
• google.golang.org/genproto/googleapis/api v0.0.0-20260209200024-4cfbd4190f57@4cfbd4190f57 → [Updates: v0.0.0-20260401024825-9d38bb4040a9]

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository
  📊 View in RenoWeb