Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Package lookup failures

---

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package de.medizininformatik-initiative:sq2cql, Failed to look up maven package jakarta.xml.bind.:jakarta.xml.bind-api.

Files affected: pom.xml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency com.nimbusds:oauth2-oidc-sdk to v11.29.2
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v9.1.5
• Update dependency ca.uhn.hapi.fhir:org.hl7.fhir.utilities to v6.7.1
• Update dependency com.github.dasniko:testcontainers-keycloak to v3.9.0
• Update keycloak/keycloak Docker tag to v26.4
• Update dependency ca.uhn.hapi.fhir:hapi-fhir-client to v8
• Update dependency ca.uhn.hapi.fhir:hapi-fhir-structures-r4 to v8
• Update eclipse-temurin Docker tag to v25
• Update jaxb-ri monorepo to v4 (major) (com.sun.xml.bind:jaxb-impl, org.glassfish.jaxb:jaxb-runtime)
• Update postgres Docker tag to v18
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

docker-compose

.github/integration-test/docker-compose.yml

• postgres 17-alpine
• docker.elastic.co/elasticsearch/elasticsearch 9.1.4
• samply/blaze 1.1.2
• ghcr.io/medizininformatik-initiative/flare 2.6.0
• postgres 17-alpine
• keycloak/keycloak 26.3

docker-compose.yml

• postgres 17-alpine
• docker.elastic.co/elasticsearch/elasticsearch 9.1.4

dockerfile

Dockerfile

• eclipse-temurin 24-jre-alpine@sha256:4044b6c87cb088885bcd0220f7dc7a8a4aab76577605fa471945d2e98270741f

github-actions

.github/workflows/ci.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• docker/metadata-action v5.8.0@c1e51972afc2121e065aed6d45c65596fe445f3f
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• github/codeql-action v3.30.6@64d10c13136e1c5bce3e5fbde8d4906eeaafc885
• codecov/codecov-action v5.5.1@5a1091511ad55cbe89839c7260b706298ca349f7
• github/codeql-action v3.30.6@64d10c13136e1c5bce3e5fbde8d4906eeaafc885
• actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02
• docker/setup-buildx-action v3.11.1@e468171a9de216ec08956ac3ada2f0791b6bd435
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83
• actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83
• aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
• github/codeql-action v3.30.6@64d10c13136e1c5bce3e5fbde8d4906eeaafc885
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• actions/download-artifact v5.0.0@634f93cb2916e3fdff6788551b99b062d0335ce0
• dcarbone/install-jq-action v3.2.0@b7ef57d46ece78760b4019dbc4080a1ba2a40b45
• jwalton/gh-docker-logs v2.2.2@2741064ab9d7af54b0b1ffb6076cf64c16f0220e
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• nowsprinting/check-version-format-action v4.0.7@bb1181a02ee5d9ae4feead2842236183c85152c6
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• docker/login-action v3.6.0@5e57cd118135c172c3672efd75eb46360885c0ef
• docker/setup-qemu-action v3.6.0@29109295f81e9208d7d86ff1c6c12d2833863392
• docker/setup-buildx-action v3.11.1@e468171a9de216ec08956ac3ada2f0791b6bd435
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83

.github/workflows/remove-image-of-closed-pr.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• dataaxiom/ghcr-cleanup-action v1@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4

.github/workflows/remove-untagged-images.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• dataaxiom/ghcr-cleanup-action v1@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4

.github/workflows/scorecard.yml

• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02
• github/codeql-action v3.30.6@64d10c13136e1c5bce3e5fbde8d4906eeaafc885

maven

pom.xml

• org.springframework.boot:spring-boot-starter-parent 3.5.6
• io.undertow:undertow-core 2.3.19.Final
• io.undertow:undertow-servlet 2.3.19.Final
• io.undertow:undertow-websockets-jsr 2.3.19.Final
• com.nimbusds:oauth2-oidc-sdk 11.29.1
• org.postgresql:postgresql 42.7.8
• org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.13
• com.github.erosb:everit-json-schema 1.14.6
• org.json:json 20250517
• org.aktin:broker-client 1.5.1
• ca.uhn.hapi.fhir:hapi-fhir-client 7.6.1
• ca.uhn.hapi.fhir:hapi-fhir-structures-r4 7.6.1
• ca.uhn.hapi.fhir:org.hl7.fhir.utilities 6.6.7
• com.bucket4j:bucket4j-core 8.10.1
• org.apache.commons:commons-text 1.14.0
• dev.dsf:dsf-fhir-webservice-client 1.8.0
• dev.dsf:dsf-fhir-websocket-client 1.8.0
• org.bouncycastle:bcprov-jdk18on 1.82
• org.bouncycastle:bcutil-jdk18on 1.82
• org.bouncycastle:bcpkix-jdk18on 1.82
• dev.dsf:dsf-fhir-rest-adapter 1.8.0
• de.medizininformatik-initiative:sq2cql 1.0.0
• com.github.ben-manes.caffeine:caffeine 3.2.2
• org.codehaus.janino:janino 3.1.12
• com.opencsv:opencsv 5.12.0
• org.threeten:threeten-extra 1.8.0
• org.mockito:mockito-core 5.20.0
• com.squareup.okhttp3:mockwebserver 5.1.0
• com.github.dasniko:testcontainers-keycloak 3.8.0
• org.apache.commons:commons-compress 1.28.0
• io.projectreactor:reactor-test 3.8.0-M7
• jakarta.xml.bind.:jakarta.xml.bind-api 2.3.3
• org.glassfish.jaxb:jaxb-runtime 2.3.9
• org.apache.maven.plugins:maven-release-plugin 3.1.1
• org.apache.maven.plugins:maven-failsafe-plugin 3.5.4
• org.jacoco:jacoco-maven-plugin 0.8.13
• io.github.git-commit-id:git-commit-id-maven-plugin 9.0.2
• org.codehaus.mojo:properties-maven-plugin 1.2.1
• com.sun.xml.bind:jaxb-impl 2.3.9
• org.codehaus.mojo:wagon-maven-plugin 2.0.2
• org.codehaus.mojo:truezip-maven-plugin 1.2
• com.coderplus.maven.plugins:copy-rename-maven-plugin 1.0.1
• org.apache.maven.plugins:maven-antrun-plugin 3.1.0
• org.apache.maven.plugins:maven-clean-plugin 3.5.0

---

• Check this box to trigger a request for Renovate to run again on this repository