Dependency Dashboard #95
Description
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Note
These dependencies have not received updates for an extended period and may be unmaintained:
View abandoned dependencies (7)
| Datasource | Name | Last Updated |
|---|---|---|
| github-actions | checkmarx/dustilock |
2021-11-21 |
| github-actions | microsoft/security-devops-action |
2024-11-07 |
| github-actions | pascalgn/size-label-action |
2024-10-23 |
| pep621 | gunicorn |
2024-08-10 |
| pep621 | loguru |
2024-12-06 |
| pep621 | staticx |
2023-08-07 |
| pre-commit | ComPWA/taplo-pre-commit |
2024-08-19 |
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release.
Unlike deprecated packages with official notices, abandonment is detected by release inactivity.
Awaiting Schedule
The following updates are awaiting their schedule. To get an update now, click on a checkbox below.
- chore(deps): lock file maintenance
Warning
Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package ossf/scorecard-action), Could not determine new digest for update (github-tags package checkmarx/dustilock), Could not determine new digest for update (github-tags package microsoft/security-devops-action), Could not determine new digest for update (github-tags package google/osv-scanner-action), Could not determine new digest for update (github-tags package aquasecurity/trivy-action), Could not determine new digest for update (github-tags package trufflesecurity/trufflehog), Could not determine new digest for update (github-tags package checkmarx/vorpal-reviewdog-github-action).
Files affected: .github/workflows/ossf.yml, .github/workflows/scans.yml
PR Closed (Blocked)
The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.
Vulnerabilities
Renovate has not found any CVEs on osv.dev.
Detected Dependencies
docker-compose (1)
compose.yaml
dockerfile (1)
Dockerfile (2)
ghcr.io/astral-sh/uv 0.9.21@sha256:15f68a476b768083505fe1dbfcc998344d0135f0ca1b8465c4760b323904f05adebian stable-slim@sha256:449673e1239be6fdc89616f926abb87f360c280c3bb7ca3591694564359695fa
github-actions (5)
.github/workflows/automerge.yml (1)
dependabot/fetch-metadata v2@08eff52bf64351f401fb50d4972fa95b9f2c2d1b.github/workflows/ci.yml (10)
actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8astral-sh/setup-uv v7@681c641aba71e4a1c380be3ab5e12ad51f415867actions/setup-python v6@83679a892e2d95755f2dac6acb0bfd1e9ac5d548docker/setup-qemu-action v3@c7c53464625b32c7a7e944ae62b3e17d2b600130docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6fdocker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83docker/metadata-action v5@c299e40c65443455700f0fdfc63efafe5b349051docker/login-action v3@5e57cd118135c172c3672efd75eb46360885c0efdocker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83docker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83.github/workflows/ossf.yml (3)
actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8ossf/scorecard-action v2@4eaacf0543bb3f2c246792bd56e8cdeffafb205agithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7.github/workflows/pr.yml (3)
amannn/action-semantic-pull-request v6@48f256284bd46cdaab1048c3721360e808335d50actions/labeler v6@634933edcd8ababfe52f92936142cc22ac488b1bpascalgn/size-label-action v0.5.5@f8edde36b3be04b4f65dcfead05dc8691b374348.github/workflows/scans.yml (52)
actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8bridgecrewio/checkov-action 8f61ce5b8a3afb4ca94d236b75201878ded6d2cdgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8docker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83quay/clair-action 9894dc130d2f159ddfa29e93867a0000f5269afdgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8microsoft/DevSkim-Action v1@4b5047945a44163b94642a1cecc0d93a3f428cc6github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8checkmarx/dustilock v1@9a0cc4fe3da93f7efb38679896c074dc94d60ac6actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8gitleaks/gitleaks-action v2@ff98106e4c7b2bc287b24eaf42907196329070c7github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8anchore/scan-action v7@3c9a191a0fbab285ca6b8530b5de5a642cba332fgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8docker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83anchore/scan-action v7@3c9a191a0fbab285ca6b8530b5de5a642cba332fgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8checkmarx/kics-github-action v2@63fca4ca72e56edbb5a599ee756e6af1fdb1e785github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8oxsecurity/megalinter v9@55a59b24a441e0e1943080d4a512d827710d4a9dactions/upload-artifact v6@b7c566a772e6b6bfb58ed0dc250532a479d7789fgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8microsoft/security-devops-action v1@08976cb623803b1b36d7112d4ff9f59eae704de0github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7google/osv-scanner-action v2@375a0e8ebdc98e99b02ac4338a724f5750f21213google/osv-scanner-action v2@375a0e8ebdc98e99b02ac4338a724f5750f21213actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8anchore/sbom-action v0@a930d0ac434e3182448fe678398ba5713717112aanchore/scan-action v7@3c9a191a0fbab285ca6b8530b5de5a642cba332fgithub/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8aquasecurity/trivy-action 0.30@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8aquasecurity/trivy-action 0.30@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8docker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83aquasecurity/trivy-action 0.30@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8aquasecurity/trivy-action 0.30@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8github/codeql-action v4@5d4e8d1aca955e8d8589aabd499c5cae939e33c7actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8trufflesecurity/trufflehog v3@ef6e76c3c4023279497fab4721ffa071a722fd05actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8step-security/changed-files v46@95b56dadb92a30ca9036f16423fd3c088a71ee94checkmarx/vorpal-reviewdog-github-action v1@8cc292f337a2f1dea581b4f4bd73852e7becb50d
pep621 (1)
pyproject.toml (16)
python >=3.11,<4.0fastapi >=0.115gunicorn >=23.0loguru >=0.7sqlmodel >=0.0typer >=0.15mypy ~=1.15pytest ~=9.0pytest-cov ~=7.0pytest-env ~=1.1pytest-mock ~=3.14pytest-xdist ~=3.6pyinstaller ~=6.13scons ~=4.9staticx ~=0.14poetry-core >=2.0,<3.0
pre-commit (1)
.pre-commit-config.yaml (13)
pre-commit/pre-commit v4.5.1pre-commit/pre-commit-hooks v6.0.0gitleaks/gitleaks v8.30.0rhysd/actionlint v1.7.10editorconfig-checker/editorconfig-checker v3.6.0hadolint/hadolint v2.14.0DavidAnson/markdownlint-cli2 v0.20.0astral-sh/ruff-pre-commit v0.14.10koalaman/shellcheck-precommit v0.11.0scop/pre-commit-shfmt v3.12.0-2ComPWA/taplo-pre-commit v0.9.3astral-sh/uv-pre-commit 0.9.21google/yamlfmt v0.20.0
pyenv (1)
.python-version (1)
python 3.13→ [Updates:3.14]
- Check this box to trigger a request for Renovate to run again on this repository