Dependency Dashboard

[ferrlabs-renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): update github actions (hadolint/hadolint-action, ossf/scorecard-action, renovatebot/github-action)
• chore(deps): update github actions (major) (actions/create-github-app-token, amannn/action-semantic-pull-request, docker/setup-qemu-action, github/codeql-action, pnpm/action-setup, renovatebot/github-action, sigstore/cosign-installer)
• 🔐 Create all awaiting schedule PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Failed to look up github-tags package aquasecurity/trivy-action: no-result.

Files affected: .github/workflows/reusable-docker-build.yml

---

Detected Dependencies

github-actions (18)

.github/workflows/renovate.yml (3)

• actions/create-github-app-token v2 → [Updates: v3]
• actions/checkout v6
• renovatebot/github-action v40.3.1 → [Updates: v40.3.6, v46.1.12]

.github/workflows/reusable-ci-astro.yml (10)

• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• actions/upload-artifact v7
• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• actions/checkout v6
• actions/download-artifact v8
• actions/setup-node v6

.github/workflows/reusable-ci-go.yml (11)

• actions/checkout v6
• actions/checkout v6
• actions/setup-go v6
• golangci/golangci-lint-action v9
• actions/checkout v6
• actions/setup-go v6
• codecov/codecov-action v6
• actions/checkout v6
• actions/setup-go v6
• actions/checkout v6
• actions/setup-go v6

.github/workflows/reusable-ci-node.yml (7)

• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• codecov/codecov-action v6
• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6

.github/workflows/reusable-ci-rust.yml (14)

• actions/checkout v6
• dtolnay/rust-toolchain master
• Swatinem/rust-cache v2
• actions/checkout v6
• dtolnay/rust-toolchain master
• Swatinem/rust-cache v2
• taiki-e/install-action v2
• actions/checkout v6
• crate-ci/typos master
• actions/checkout v6
• dtolnay/rust-toolchain master
• Swatinem/rust-cache v2
• taiki-e/install-action v2
• codecov/codecov-action v6

.github/workflows/reusable-docker-build.yml (13)

• actions/checkout v6
• hadolint/hadolint-action v3.1.0 → [Updates: v3.3.0]
• actions/checkout v6
• docker/setup-qemu-action v3 → [Updates: v4]
• docker/setup-buildx-action v4
• docker/login-action v4
• docker/build-push-action v7
• aquasecurity/trivy-action 0.35.0
• github/codeql-action v3 → [Updates: v4]
• sigstore/cosign-installer v3 → [Updates: v4.1.1]
• docker/login-action v4
• actions/attest-build-provenance v4
• anchore/sbom-action v0

.github/workflows/reusable-release-rust.yml (9)

• actions/checkout v6
• dtolnay/rust-toolchain stable
• Swatinem/rust-cache v2
• actions/upload-artifact v7
• actions/checkout v6
• actions/download-artifact v8
• actions/attest-build-provenance v4
• actions/checkout v6
• dtolnay/rust-toolchain stable

.github/workflows/reusable-security-scan.yml (6)

• actions/checkout v6
• github/codeql-action v3 → [Updates: v4]
• actions/checkout v6
• github/codeql-action v3 → [Updates: v4]
• actions/checkout v6
• actions/upload-artifact v7

workflow-templates/ci-astro.yml (15)

• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• actions/upload-artifact v7
• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• actions/checkout v6
• actions/download-artifact v8
• actions/setup-node v6
• pnpm 10
• node 24
• pnpm 10
• node 24
• node 24

workflow-templates/ci-go.yml (10)

• actions/checkout v6
• actions/setup-go v6
• golangci/golangci-lint-action v9
• actions/checkout v6
• actions/setup-go v6
• codecov/codecov-action v6
• actions/checkout v6
• actions/setup-go v6
• actions/checkout v6
• actions/setup-go v6

workflow-templates/ci-node.yml (11)

• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• codecov/codecov-action v6
• actions/checkout v6
• pnpm/action-setup v5 → [Updates: v6]
• actions/setup-node v6
• pnpm 10
• node 24
• pnpm 10
• node 24

workflow-templates/ci-rust.yml (14)

• actions/checkout v6
• dtolnay/rust-toolchain stable
• Swatinem/rust-cache v2
• actions/checkout v6
• dtolnay/rust-toolchain stable
• Swatinem/rust-cache v2
• taiki-e/install-action v2
• actions/checkout v6
• crate-ci/typos master
• actions/checkout v6
• dtolnay/rust-toolchain stable
• Swatinem/rust-cache v2
• taiki-e/install-action v2
• codecov/codecov-action v6

workflow-templates/codeql.yml (4)

• actions/checkout v6
• github/codeql-action v3 → [Updates: v4]
• github/codeql-action v3 → [Updates: v4]
• github/codeql-action v3 → [Updates: v4]

workflow-templates/docker-publish.yml (1)

• FerrLabs/.github main

workflow-templates/pr-title.yml (1)

• amannn/action-semantic-pull-request v5 → [Updates: v6]

workflow-templates/release.yml (2)

• actions/checkout v6
• FerrLabs/FerrFlow v4

workflow-templates/scorecard.yml (4)

• actions/checkout v6
• ossf/scorecard-action v2.4.0 → [Updates: v2.4.3]
• actions/upload-artifact v7
• github/codeql-action v3 → [Updates: v4]

workflow-templates/security-scan.yml (1)

• FerrLabs/.github main

renovate-config (1)

renovate.json