Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update dependency com.google.guava:guava to v33.5.0-jre
• Update dependency org.apache.commons:commons-lang3 to v3.19.0
• Update dependency org.bouncycastle:bcprov-jdk18on to v1.82
• Update dependency org.junit.jupiter:junit-jupiter to v5.14.1
• Update actions/stale action to v10
• Update dependency com.zaxxer:HikariCP to v7
• Update dependency net.logstash.logback:logstash-logback-encoder to v9
• Update dependency org.flywaydb:flyway-core to v11
• Update dependency org.junit.jupiter:junit-jupiter to v6
• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2025
• Update dependency org.testcontainers:testcontainers to v2
• Update Gradle to v9
• Update plugin org.sonarqube to v7
• Update postgres Docker tag to v18
• Update stefanzweifel/git-auto-commit-action action to v7
• Update Terraform azuread to v3
• Update tibdex/github-app-token action to v2
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package net.jcip:jcip-annotations, Failed to look up maven package com.github.codacy:codacy-coverage-reporter.

Files affected: build.gradle

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency hashicorp/terraform to v1.13.5
• Update plugin org.owasp.dependencycheck to v12.1.9
• Update dependency com.github.hmcts:ccd-test-definitions to v7.27.7-prerelease-CME-537
• Update plugin com.github.ben-manes.versions to v0.53.0
• Update plugin org.springframework.boot to v3.5.7
• Update spring security to v6.5.6 (org.springframework.security:spring-security-crypto, org.springframework.security:spring-security-web, org.springframework.security:spring-security-config, org.springframework.security:spring-security-core)
• Update actions/cache action to v4
• Update actions/checkout action to v5
• Update actions/setup-java action to v5
• Update dependency com.github.hmcts:auth-checker-lib to v3
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• Update testcontainers-java monorepo to v1.21.3 (org.testcontainers:junit-jupiter, org.testcontainers:testcontainers)
• Update dependency com.github.hmcts:ccd-test-definitions to v97

Detected dependencies

docker-compose

docker-compose.yml

dockerfile

docker/database/Dockerfile

• postgres 15

Dockerfile

• hmctspublic.azurecr.io/base/java 21-distroless

github-actions

.github/workflows/scheduled-dummy-commit.yml

• tibdex/github-app-token v1
• actions/checkout v3
• stefanzweifel/git-auto-commit-action v4

.github/workflows/stale.yml

• actions/stale v9

.github/workflows/swagger.yml

• actions/checkout v3
• actions/cache v3
• actions/setup-java v4

gradle

build.gradle

• io.spring.dependency-management 1.1.7
• org.springframework.boot 3.4.6
• org.owasp.dependencycheck 12.1.3
• se.patrikerdes.use-latest-versions 0.2.19
• com.github.ben-manes.versions 0.51.0
• org.sonarqube 6.3.1.5724
• com.github.kt3k.coveralls 2.12.2
• com.github.spacialcircumstances.gradle-cucumber-reporting 0.1.25
• info.solidsoft.pitest 1.15.0
• uk.gov.hmcts.java 0.12.67
• org.springframework.cloud:spring-cloud-dependencies 2024.0.2
• org.bouncycastle:bcprov-jdk18on 1.81
• org.projectlombok:lombok 1.18.42
• com.github.hmcts.java-logging:logging 6.1.9
• com.github.hmcts.java-logging:logging-appinsights 6.1.9
• net.logstash.logback:logstash-logback-encoder 7.4
• org.slf4j:slf4j-api 2.0.17
• org.slf4j:jcl-over-slf4j 2.0.17
• org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.14
• org.flywaydb:flyway-core 9.22.3
• org.yaml:snakeyaml 2.5
• com.zaxxer:HikariCP 5.1.0
• org.postgresql:postgresql 42.7.8
• com.github.hmcts:auth-checker-lib 2.1.5
• com.google.guava:guava 33.4.8-jre
• javax.inject:javax.inject 1
• commons-fileupload:commons-fileupload 1.6.0
• org.apache.commons:commons-lang3 3.18.0
• com.sun.mail:mailapi 2.0.2
• org.apache.httpcomponents:httpclient 4.5.14
• net.jcip:jcip-annotations 1.0
• org.springframework.security:spring-security-core 6.4.6
• org.springframework.security:spring-security-config 6.4.6
• org.springframework.security:spring-security-web 6.4.6
• org.springframework.security:spring-security-crypto 6.4.6
• com.github.hmcts:service-auth-provider-java-client 5.3.3
• com.github.codacy:codacy-coverage-reporter 13.13.7
• org.junit.jupiter:junit-jupiter 5.13.4
• org.testcontainers:testcontainers 1.21.1
• org.testcontainers:junit-jupiter 1.21.1
• com.github.hmcts:ccd-test-definitions 7.25.4
• com.github.hmcts:befta-fw 9.2.4
• com.github.hmcts:fortify-client 1.4.10
• info.solidsoft.gradle.pitest:gradle-pitest-plugin 1.15.0

gradle/suppress.gradle

settings.gradle

gradle-wrapper

gradle/wrapper/gradle-wrapper.properties

• gradle 8.14.3

helm-values

charts/ccd-user-profile-api/values.yaml

helmv3

charts/ccd-user-profile-api/Chart.yaml

• java 5.3.0

renovate-config-presets

.github/renovate.json

terraform

infrastructure/main.tf

infrastructure/state.tf

• azuread 2.53.1
• azurerm ~> 4.0

terraform-version

infrastructure/.terraform-version

• hashicorp/terraform 1.13.2

---

• Check this box to trigger a request for Renovate to run again on this repository