Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps-dev): update sigstore/cosign-installer action to v4.1.2
• chore(deps-dev): update step-security/harden-runner action to v2.19.4
• chore(deps): update module github.com/oapi-codegen/runtime to v1.4.1
• chore(deps-dev): update actions/stale action to v10.3.0
• chore(deps-dev): update github/codeql-action action to v4.36.0
• chore(deps): update module github.com/oapi-codegen/oapi-codegen/v2 to v2.7.0
• chore(deps): update module github.com/onsi/ginkgo/v2 to v2.29.0
• chore(deps): update module github.com/onsi/gomega to v1.41.0
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update quay.io/brancz/kube-rbac-proxy docker tag to v0.22.0

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update gcr.io/distroless/static:latest docker digest to 3592aa8
• chore(deps): update kubernetes monorepo to v0.36.1 (k8s.io/api, k8s.io/apimachinery, k8s.io/client-go)
• chore(deps): update module github.com/fluxcd/pkg/runtime to v0.107.0
• chore(deps): update module sigs.k8s.io/controller-runtime to v0.24.1
• chore(deps-dev): update azure/setup-helm action to v5
• chore(deps-dev): update docker/login-action action to v4
• chore(deps-dev): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
• chore(deps-dev): update goreleaser/goreleaser-action action to v7
• chore(deps-dev): update imranismail/setup-kustomize action to v3
• chore(deps-dev): update zgosalvez/github-actions-ensure-sha-pinned-actions action to v5
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• gcr.io/distroless/static latest@sha256:d90359c7a3ad67b3c11ca44fd5f3f5208cbef546f2e692b0dc3410a869de46bf → [Updates: latest]

github-actions (12)

.github/workflows/main.yaml (5)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• shogo82148/actions-goveralls v1.11.0@9606dbc5ac5cf888a0e9ef901515c3cd516a2790
• go 1.26.x

.github/workflows/pr-actions.yaml (3)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• zgosalvez/github-actions-ensure-sha-pinned-actions v3.0.25@fc87bb5b5a97953d987372e74478de634726b3e5 → [Updates: v5.0.4]

.github/workflows/pr-build.yaml (34)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78 → [Updates: v5.0.0]
• actions/setup-python v6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• helm/chart-testing-action v2.8.0@6ec842c01de15ebb84c8627d2744a0c2f2755c9f
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• engineerd/setup-kind v0.5.0@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0
• actions/download-artifact v7.0.0@37930b1c2abaa49bbe596cd826c3c89aef350131 → [Updates: v8.0.1]
• imranismail/setup-kustomize v2.1.0@2ba527d4d055ab63514ba50a99456fc35684947f → [Updates: v3.0.0]
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78 → [Updates: v5.0.0]
• actions/setup-python v6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• helm/chart-testing-action v2.8.0@6ec842c01de15ebb84c8627d2744a0c2f2755c9f
• helm/kind-action v1.14.0@ef37e7f390d99f746eb8b610417061a60e82a6cc
• actions/download-artifact v7.0.0@37930b1c2abaa49bbe596cd826c3c89aef350131 → [Updates: v8.0.1]
• python 3.14
• go 1.26.x
• go 1.26.x
• go 1.26.x
• go 1.26.x
• python 3.14

.github/workflows/pr-goreleaser.yaml (3)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a → [Updates: v7.2.2]

.github/workflows/pr-label.yaml (1)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]

.github/workflows/pr-stale.yaml (1)

• actions/stale v10.2.0@b5d41d4e1d5dceea10e7104786b73624c18a190f → [Updates: v10.3.0]

.github/workflows/pr-trivy.yaml (3)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4.35.2@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 → [Updates: v4.36.0]

.github/workflows/rebase.yaml (3)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• cirrus-actions/rebase 1.8@b87d48154a87a85666003575337e27b8cd65f691

.github/workflows/release.yaml (12)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• docker/login-action v3.7.0@c94ce9fb468520275223c153574b00df6fe4bcc9 → [Updates: v4.2.0]
• sigstore/cosign-installer v4.1.1@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 → [Updates: v4.1.2]
• anchore/sbom-action v0.24.0@e22c389904149dbc22b58101806040fa8d37a610
• goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a → [Updates: v7.2.2]
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78 → [Updates: v5.0.0]
• sigstore/cosign-installer v4.1.1@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 → [Updates: v4.1.2]
• go 1.26.x

.github/workflows/report-on-vulnerabilities.yaml (7)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v7.0.0@37930b1c2abaa49bbe596cd826c3c89aef350131 → [Updates: v8.0.1]
• JasonEtco/create-an-issue v2.9.2@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5

.github/workflows/scan.yaml (5)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818

.github/workflows/scorecard.yaml (5)

• step-security/harden-runner v2.19.0@8d3c67de8e2fe68ef647c8db1e6a09f647780f40 → [Updates: v2.19.4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.1]
• github/codeql-action v4.35.2@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 → [Updates: v4.36.0]

gomod (1)

go.mod (14)

• go 1.25.0
• github.com/fluxcd/pkg/runtime v0.91.0 → [Updates: v0.107.0]
• github.com/go-logr/logr v1.4.3
• github.com/oapi-codegen/runtime v1.4.0 → [Updates: v1.4.1]
• github.com/onsi/ginkgo/v2 v2.28.1 → [Updates: v2.29.0]
• github.com/onsi/gomega v1.39.1 → [Updates: v1.41.0]
• github.com/spf13/pflag v1.0.10
• github.com/tj/assert v0.0.3
• golang.org/x/oauth2 v0.36.0
• k8s.io/api v0.35.4 → [Updates: v0.36.1]
• k8s.io/apimachinery v0.35.4 → [Updates: v0.36.1]
• k8s.io/client-go v0.35.4 → [Updates: v0.36.1]
• sigs.k8s.io/controller-runtime v0.22.4 → [Updates: v0.24.1]
• github.com/oapi-codegen/oapi-codegen/v2 v2.6.0 → [Updates: v2.7.0]

helm-values (1)

chart/neo4j-aura-controller/values.yaml (1)

• quay.io/brancz/kube-rbac-proxy v0.20.0 → [Updates: v0.22.0]

renovate-config (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository