Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update actions/add-to-project action to v0.6.1
• Update actions/stale action to v9.1.0
• Update aquasecurity/trivy-action action to v0.36.0
• Update docker/setup-qemu-action action to v3.7.0
• Update github/codeql-action action to v2.28.1
• Update reviewdog/action-misspell action to v1.27
• Update reviewdog/action-shellcheck action to v1.32
• Update snapcore/action-publish action to v1.2.0
• Update step-security/harden-runner action to v2.19.0
• Update super-linter/super-linter action to v6.9.0
• Update actions/add-to-project action to v1
• Update actions/setup-go action to v6
• Update actions/stale action to v10
• Update docker/setup-buildx-action action to v4
• Update docker/setup-qemu-action action to v4
• Update GitHub Artifact Actions (major) (actions/download-artifact, actions/upload-artifact)
• Update github/codeql-action action to v4
• Update golangci/golangci-lint-action action to v9
• Update super-linter/super-linter action to v8
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package snapcore/action-publish), Could not determine new digest for update (github-tags package github/codeql-action), Could not determine new digest for update (github-tags package aquasecurity/trivy-action).

Files affected: .github/workflows/reusable-builder-snap.yml, .github/workflows/reusable-codeql.yml, .github/workflows/reusable-trivy.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update semgrep/semgrep Docker digest to 40579a2
• Update actions/cache action to v5.0.5
• Update sonatype-nexus-community/nancy-github-action action to v1.0.3
• Update actions/dependency-review-action action to v4.9.0
• Update actions/setup-go action to v5.6.0
• Update apache/skywalking-eyes action to v0.8.0
• Update docker/setup-buildx-action action to v3.12.0
• Update fossas/fossa-action action to v1.9.0
• Update ossf/scorecard-action action to v2.4.3
• Update reviewdog/action-alex action to v1.16.1
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

github-actions (25)

.github/workflows/reusable-add-to-project.yml (5)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/add-to-project v0.4.0@960fbad431afda394cfcf8743445e741acd19e85 → [Updates: v0.6.1, v1.0.2]
• actions/add-to-project v0.4.0@960fbad431afda394cfcf8743445e741acd19e85 → [Updates: v0.6.1, v1.0.2]

.github/workflows/reusable-alex.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-alex v1.13.0@f95df9e356d97e67e4626f04ad125c4a99a906a9 → [Updates: v1.16.1]

.github/workflows/reusable-builder-aur.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]

.github/workflows/reusable-builder-deb.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-qemu-action v3.0.0@68827325e0b33c7199eb31dd4e31fbe9023e06e3 → [Updates: v3.7.0, v4]
• docker/setup-buildx-action v3.3.0@d70bba72b1f3fd22344832f00baa16ece964efeb → [Updates: v3.12.0, v4]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]

.github/workflows/reusable-builder-flatpak.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v5.4.0@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b → [Updates: v5.6.0, v6.4.0]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• go ^1.19

.github/workflows/reusable-builder-go.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v5.4.0@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b → [Updates: v5.6.0, v6.4.0]
• actions/cache v5.0.4@668228422ae6a00e4ad889ee87cd7109ec5666a7 → [Updates: v5.0.5]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]

.github/workflows/reusable-builder-rpm.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]

.github/workflows/reusable-builder-snap.yml (7)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-qemu-action v3.0.0@68827325e0b33c7199eb31dd4e31fbe9023e06e3 → [Updates: v3.7.0, v4]
• snapcore/action-build v1.3.0@3bdaa03e1ba6bf59a65f84a751d943d549a54e79
• snapcore/action-publish v1.1.1@0a8d537ae06f4a292e8b4ef1084cd5631b3c6871 → [Updates: v1.2.0]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]

.github/workflows/reusable-codeql.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v2.11.2@f0a12816612c7306b485a22cb164feb43c6df818 → [Updates: v2.28.1, v4.35.2]
• github/codeql-action v2.11.2@f0a12816612c7306b485a22cb164feb43c6df818 → [Updates: v2.28.1, v4.35.2]
• github/codeql-action v2.11.2@f0a12816612c7306b485a22cb164feb43c6df818 → [Updates: v2.28.1, v4.35.2]

.github/workflows/reusable-dependency-review.yml (5)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v4.3.4@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c → [Updates: v4.9.0]
• actions/dependency-review-action v4.3.4@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c → [Updates: v4.9.0]

.github/workflows/reusable-fossa.yml (4)

• step-security/harden-runner v2.6.0@1b05615854632b887b69ae1be8cbefe72d3ae423 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• fossas/fossa-action v1.3.1@f61a4c0c263690f2ddb54b9822a719c25a7b608f → [Updates: v1.9.0]

.github/workflows/reusable-golangci.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v5.4.0@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b → [Updates: v5.6.0, v6.4.0]
• golangci/golangci-lint-action v8.0.0@4afd733a84b1f43292c63897423277bb7f4313a9 → [Updates: v9.2.0]
• go ^1.18

.github/workflows/reusable-goreportcard.yml (3)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/reusable-license.yml (8)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• apache/skywalking-eyes v0.4.0@438e4ea5682269933ea2c8b5608662e52af26959 → [Updates: v0.8.0]
• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• apache/skywalking-eyes v0.4.0@438e4ea5682269933ea2c8b5608662e52af26959 → [Updates: v0.8.0]

.github/workflows/reusable-misspell.yml (4)

• step-security/harden-runner v2.6.0@1b05615854632b887b69ae1be8cbefe72d3ae423 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-misspell v1.15.0@06d6a480724fa783c220081bbc22336a78dbbe82 → [Updates: v1.27]

.github/workflows/reusable-nancy.yml (6)

• step-security/harden-runner v2.6.0@1b05615854632b887b69ae1be8cbefe72d3ae423 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v5.4.0@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b → [Updates: v5.6.0, v6.4.0]
• sonatype-nexus-community/nancy-github-action v1.0.2@aae196481b961d446f4bff9012e4e3b63d7921a4 → [Updates: v1.0.3]
• go ^1.18

.github/workflows/reusable-releaser-gemfury.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v7.0.0@37930b1c2abaa49bbe596cd826c3c89aef350131 → [Updates: v8.0.1]

.github/workflows/reusable-releaser-go.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v7.0.0@37930b1c2abaa49bbe596cd826c3c89aef350131 → [Updates: v8.0.1]

.github/workflows/reusable-scorecards.yml (6)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.3.1@0864cf19026789058feabb7e87baa5f140aac736 → [Updates: v2.4.3]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• github/codeql-action v2.1.31@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 → [Updates: v2.28.1, v4.35.2]

.github/workflows/reusable-semgrep.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• semgrep/semgrep sha256:5930c9438968657745cc8c193e338ec9e08c5ead0b926b1b4ed37e06a9cc2270 → [Updates: undefined]

.github/workflows/reusable-shellcheck.yml (4)

• step-security/harden-runner v2.6.0@1b05615854632b887b69ae1be8cbefe72d3ae423 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-shellcheck v1.17.0@f52d78284b4941028952125a10c76676c3d456eb → [Updates: v1.32]

.github/workflows/reusable-stale.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/stale v9.0.0@28ca1036281a5e5922ead5184a1bbf96e5fc984e → [Updates: v9.1.0, v10.2.0]

.github/workflows/reusable-super-linter.yml (5)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• super-linter/super-linter v6.0.0@ff5037c06042e564803502feb97f8a686f3b0171 → [Updates: v6.9.0, v8.6.0]
• super-linter/super-linter v6.0.0@ff5037c06042e564803502feb97f8a686f3b0171 → [Updates: v6.9.0, v8.6.0]

.github/workflows/reusable-trivy.yml (12)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• aquasecurity/trivy-action 0.14.0@2b6a709cf9c4025c5438138008beaddbb02086f0 → [Updates: v0.36.0]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• github/codeql-action v2.1.31@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 → [Updates: v2.28.1, v4.35.2]
• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• aquasecurity/trivy-action 0.14.0@2b6a709cf9c4025c5438138008beaddbb02086f0 → [Updates: v0.36.0]
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• github/codeql-action v2.1.31@c3b6fce4ee2ca25bc1066aa3bf73962fda0e8898 → [Updates: v2.28.1, v4.35.2]

.github/workflows/reusable-urlcheck.yml (4)

• step-security/harden-runner v2.17.0@f808768d1510423e83855289c910610ca9b43176 → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• urlstechie/urlchecker-action 0.0.34@b643b43e2ac605e1475331c7b67247d242b7dce4

---

• Check this box to trigger a request for Renovate to run again on this repository

[welcome]

Thanks for opening this issue. We should be by to give feedback soon. In the meantime, please check out the contributing guidelines.