Dependency DashboardΒ #52
Description
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Config Migration Needed
See Config Migration PR: #77.Repository problems
Renovate tried to run on this repository, but found these problems.
- WARN: Package lookup failures
Rate-Limited
The following updates are currently rate-limited. To force their creation now, click on a checkbox below.
- chore(deps): update actions/checkout action to v4.3.0
- chore(deps): update actions/upload-artifact action to v4.6.2
- chore(deps): update astral-sh/setup-uv action to v6.8.0
- chore(deps): update int128/comment-action action to v1.42.0
- chore(deps): update int128/hide-comment-action action to v1.46.0
- chore(deps): update trufflesecurity/trufflehog docker tag to v3.90.11
- chore(deps): update actions/checkout action to v5
- chore(deps): update astral-sh/setup-uv action to v7
- π Create all rate-limited PRs at once π
Warning
Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package actions/checkout).
Files affected: trivy/action.yml
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
- chore(deps): update grafana/shared-workflows/ action to
- chore(deps): update snyk/actions digest to 9adf32b
- chore(deps): update actions/github-script action to v8
- chore(deps): update dependabot/fetch-metadata action to v2
- chore(deps): update tibdex/github-app-token action to v2
- Click on this checkbox to rebase all open PRs at once
Vulnerabilities
Renovate has not found any CVEs on osv.dev.
Detected dependencies
github-actions
.github/workflows/dependabot-automerge.yaml
tibdex/github-app-token v1@32691ba7c9e7063bd457bd8f2a5703138591fa58dependabot/fetch-metadata v1.7.0@8348ea7f5d949b08c7f125a44b569c9626b05db3.github/workflows/org-required-trufflehog.yml
grafana/security-github-actions main.github/workflows/periodic-zizmor.yaml
actions/checkout v5@08c6903cd8c0fde910a37f88322edcfb5dd907a8grafana/shared-workflows get-vault-secrets/v1.3.0@a37de51f3d713a30a9e4b21bcdfbd38170020593actions/create-github-app-token v2@67018539274d69449ef7c02e8e71183d1719ab42actions/checkout v5@08c6903cd8c0fde910a37f88322edcfb5dd907a8astral-sh/setup-uv v6.7.0@b75a909f75acd358c2196fb9a5f1299a9a8868a4actions/github-script v7@f28e40c7f34bde8b3046d885e986cb6290c5673b.github/workflows/reusable-trufflehog.yml
actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332int128/hide-comment-action v1.43.0@a30d551065e4231e6d7a671bb5ce884f9ee6417bint128/comment-action v1.39.0@f4faf53666ef83da7d274fa2007e9212c4d719c3actions/upload-artifact v4.4.0@50769540e7f4bd5e21e526ee35c689e35e0d6874.github/workflows/self-zizmor.yaml
actions/checkout v5@08c6903cd8c0fde910a37f88322edcfb5dd907a8grafana/shared-workflows 835ea6d866784d0db603612bfbb354d152b62f5c.github/workflows/snyk_monitor.yml
actions/checkout v5@08c6903cd8c0fde910a37f88322edcfb5dd907a8snyk/actions e2221410bff24446ba09102212d8bc75a567237dtrivy/action.yml
actions/checkout 5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8actions/checkout 5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8actions/checkout 5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
regex
.github/workflows/reusable-trufflehog.yml
trufflesecurity/trufflehog 3.89.2.github/workflows/reusable-trufflehog.yml
trufflesecurity/trufflehog 3.89.2pre-commit/trufflehog.sh
trufflesecurity/trufflehog 3.88.29@sha256:6375b4dd7d045656bf78f52ac5a6e992eff344da9def96f0953cda26f791ffb7