This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/banshee86vr/krabbx). ## Deprecations / Replacements > [!WARNING] The following dependencies are either deprecated or have replacements available. | Datasource | Package | Replacement PR? | |------------|------|--------------| | npm | `@types/csrf` |  | ## Rate-Limited The following updates are currently rate-limited. To force their creation now, click on a checkbox below. - [ ] <!-- unlimit-branch=renovate/actions-checkout-4.x -->chore(deps): update actions/checkout action to v4.3.1 - [ ] <!-- unlimit-branch=renovate/aquasecurity-trivy-action-0.x -->chore(deps): update aquasecurity/trivy-action action to v0.36.0 - [ ] <!-- unlimit-branch=renovate/express-session-1.x-lockfile -->chore(deps): update dependency @types/express-session to v1.19.0 - [ ] <!-- unlimit-branch=renovate/autoprefixer-10.x-lockfile -->chore(deps): update dependency autoprefixer to v10.5.0 - [ ] <!-- unlimit-branch=renovate/react-monorepo -->chore(deps): update dependency eslint-plugin-react-hooks to v7.1.1 - [ ] <!-- unlimit-branch=renovate/express-rate-limit-8.x-lockfile -->chore(deps): update dependency express-rate-limit to v8.4.1 - [ ] <!-- unlimit-branch=renovate/redis-5.x-lockfile -->chore(deps): update dependency redis to v5.12.1 - [ ] <!-- unlimit-branch=renovate/nginx-1.x -->chore(deps): update nginx docker tag to v1.30.0 - [ ] <!-- unlimit-branch=renovate/actions-checkout-6.x -->chore(deps): update actions/checkout action to v6 - [ ] <!-- unlimit-branch=renovate/azure-setup-helm-5.x -->chore(deps): update azure/setup-helm action to v5 - [ ] <!-- create-all-rate-limited-prs -->🔐 **Create all rate-limited PRs at once** 🔐 ## Open The following updates have all been created. To force a retry/rebase of any, click on a checkbox below. - [ ] <!-- rebase-branch=renovate/typescript-6.x-lockfile -->[chore(deps): update dependency typescript to v6.0.3](../pull/71) - [ ] <!-- rebase-branch=renovate/vite-8.x-lockfile -->[chore(deps): update dependency vite to v8.0.10](../pull/72) - [ ] <!-- rebase-branch=renovate/tailwindcss-monorepo -->[chore(deps): update tailwindcss monorepo to v4.2.4](../pull/73) (`@tailwindcss/vite`, `tailwindcss`) - [ ] <!-- rebase-branch=renovate/vitest-monorepo -->[chore(deps): update vitest monorepo to v4.1.5](../pull/74) (`@vitest/coverage-v8`, `vitest`) - [ ] <!-- rebase-all-open-prs -->**Click on this checkbox to rebase all open PRs at once** ## PR Closed (Blocked) The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below. - [ ] <!-- recreate-branch=renovate/dotenv-17.x-lockfile -->[chore(deps): update dependency dotenv to v17.4.2](../pull/59) - [ ] <!-- recreate-branch=renovate/tanstack-query-monorepo -->[chore(deps): update dependency @tanstack/react-query to v5.100.6](../pull/56) - [ ] <!-- recreate-branch=renovate/eslint-monorepo -->[chore(deps): update dependency eslint to v10.2.1](../pull/52) - [ ] <!-- recreate-branch=renovate/lucide-monorepo -->[chore(deps): update dependency lucide-react to v1.14.0](../pull/53) - [ ] <!-- recreate-branch=renovate/react-router-monorepo -->[chore(deps): update dependency react-router-dom to v7.14.2](../pull/54) - [ ] <!-- recreate-branch=renovate/prisma-monorepo -->[chore(deps): update prisma monorepo to v7.8.0](../pull/55) (`@prisma/adapter-pg`, `@prisma/client`, `prisma`) - [ ] <!-- recreate-branch=renovate/typescript-eslint-monorepo -->[chore(deps): update typescript-eslint monorepo to v8.59.1](../pull/60) (`@typescript-eslint/eslint-plugin`, `@typescript-eslint/parser`, `typescript-eslint`) - [ ] <!-- recreate-branch=renovate/pnpm-action-setup-6.x -->[chore(deps): update pnpm/action-setup action to v6](../pull/58) - [ ] <!-- recreate-branch=renovate/hashicorp-design-system-tokens-5.x -->[fix(deps): update dependency @hashicorp/design-system-tokens to v5](../pull/61) ## Detected Dependencies <details><summary>docker-compose (1)</summary> <blockquote> <details><summary>docker/docker-compose.yml (2)</summary> - `postgres 18-alpine` - `redis 8-alpine` </details> </blockquote> </details> <details><summary>dockerfile (2)</summary> <blockquote> <details><summary>docker/Dockerfile.backend (2)</summary> - `node 25-alpine` - `node 25-alpine` </details> <details><summary>docker/Dockerfile.frontend (2)</summary> - `node 25-alpine` - `nginx 1.29.8-alpine` → [Updates: `1.30.0-alpine`] </details> </blockquote> </details> <details><summary>github-actions (3)</summary> <blockquote> <details><summary>.github/workflows/ci.yml (12)</summary> - `actions/checkout v6` - `pnpm/action-setup v5` → [Updates: `v6`] - `actions/setup-node v6` - `actions/upload-artifact v7` - `actions/checkout v6` - `pnpm/action-setup v5` → [Updates: `v6`] - `actions/setup-node v6` - `actions/upload-artifact v7` - `pnpm 10` - `node 24` - `pnpm 10` - `node 24` </details> <details><summary>.github/workflows/lockfile-update.yml (5)</summary> - `actions/checkout v6` - `pnpm/action-setup v5` → [Updates: `v6`] - `actions/setup-node v6` - `pnpm 10` - `node 24` </details> <details><summary>.github/workflows/security.yml (27)</summary> - `actions/checkout v6` - `github/codeql-action v4` - `pnpm/action-setup v5` → [Updates: `v6`] - `actions/setup-node v6` - `github/codeql-action v4` - `actions/checkout v6` - `aquasecurity/trivy-action v0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1` → [Updates: `v0.36.0`] - `github/codeql-action v4` - `actions/checkout v6` - `aquasecurity/trivy-action v0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1` → [Updates: `v0.36.0`] - `github/codeql-action v4` - `actions/checkout v6` - `aquasecurity/trivy-action v0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1` → [Updates: `v0.36.0`] - `github/codeql-action v4` - `actions/checkout v6` - `actions/dependency-review-action v4` - `actions/checkout v6` - `pnpm/action-setup v5` → [Updates: `v6`] - `actions/setup-node v6` - `actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v4.3.1`, `v6.0.2`] - `gitleaks/gitleaks-action v2` - `actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v4.3.1`, `v6.0.2`] - `azure/setup-helm v4` → [Updates: `v5`] - `pnpm 10` - `node 24` - `pnpm 10` - `node 24` </details> </blockquote> </details> <details><summary>helm-values (1)</summary> <blockquote> <details><summary>helm/renovate-dashboard/values.yaml (2)</summary> - `postgres 18-alpine` - `redis 8-alpine` </details> </blockquote> </details> <details><summary>npm (5)</summary> <blockquote> <details><summary>backend/package.json (36)</summary> - `@octokit/rest ^22.0.1` - `@prisma/adapter-pg ^7.6.0` → [Updates: `^7.6.0`] - `@prisma/client ^7.6.0` → [Updates: `^7.6.0`] - `@socket.io/redis-adapter ^8.3.0` - `connect-redis ^9.0.0` - `cookie-parser ^1.4.7` - `cors ^2.8.6` - `csrf ^3.1.0` - `dotenv ^17.3.1` → [Updates: `^17.3.1`] - `express ^5.2.1` - `express-rate-limit ^8.3.2` → [Updates: `^8.3.2`] - `express-session ^1.19.0` - `helmet ^8.1.0` - `morgan ^1.10.1` - `node-cron ^4.2.1` - `pg ^8.20.0` - `redis ^5.11.0` → [Updates: `^5.11.0`] - `socket.io ^4.8.3` - `zod ^4.3.6` - `@eslint/js ^10.0.1` - `@types/cookie-parser ^1.4.10` - `@types/cors ^2.8.19` - `@types/csrf ^3.1.3` - `@types/express ^5.0.6` - `@types/express-session ^1.18.2` → [Updates: `^1.18.2`] - `@types/morgan ^1.9.10` - `@types/node ^25.5.0` - `@typescript-eslint/eslint-plugin ^8.58.1` → [Updates: `^8.58.1`] - `@typescript-eslint/parser ^8.58.1` → [Updates: `^8.58.1`] - `@vitest/coverage-v8 ^4.1.2` → [Updates: `^4.1.2`] - `eslint ^10.1.0` → [Updates: `^10.1.0`] - `prisma ^7.6.0` → [Updates: `^7.6.0`] - `tsx ^4.21.0` - `typescript ^6.0.0` → [Updates: `^6.0.0`] - `typescript-eslint ^8.58.1` → [Updates: `^8.58.1`] - `vitest ^4.1.2` → [Updates: `^4.1.2`] </details> <details><summary>frontend/.vite/deps/package.json</summary> </details> <details><summary>frontend/package.json (28)</summary> - `@hashicorp/design-system-tokens ^4.0.1` → [Updates: `^5.0.0`] - `@tanstack/react-query ^5.95.2` → [Updates: `^5.95.2`] - `class-variance-authority ^0.7.1` - `clsx ^2.1.1` - `lucide-react ^1.7.0` → [Updates: `^1.7.0`] - `react ^19.2.4` - `react-dom ^19.2.4` - `react-router-dom ^7.13.2` → [Updates: `^7.13.2`] - `recharts ^3.8.1` - `socket.io-client ^4.8.3` - `tailwind-merge ^3.5.0` - `@eslint/js ^10.0.1` - `@tailwindcss/vite ^4.2.2` → [Updates: `^4.2.2`] - `@types/react ^19.2.14` - `@types/react-dom ^19.2.3` - `@typescript-eslint/eslint-plugin ^8.58.1` → [Updates: `^8.58.1`] - `@typescript-eslint/parser ^8.58.1` → [Updates: `^8.58.1`] - `@vitejs/plugin-react ^6.0.1` - `@vitest/coverage-v8 ^4.1.2` → [Updates: `^4.1.2`] - `autoprefixer ^10.4.27` → [Updates: `^10.4.27`] - `eslint ^10.1.0` → [Updates: `^10.1.0`] - `eslint-plugin-react-hooks ^7.0.1` → [Updates: `^7.0.1`] - `postcss ^8.5.8` - `tailwindcss ^4.2.2` → [Updates: `^4.2.2`] - `typescript ^6.0.0` → [Updates: `^6.0.0`] - `typescript-eslint ^8.58.1` → [Updates: `^8.58.1`] - `vite ^8.0.5` → [Updates: `^8.0.5`] - `vitest ^4.1.2` → [Updates: `^4.1.2`] </details> <details><summary>package.json (7)</summary> - `concurrently ^9.2.1` - `node >=24.0.0` - `defu >=6.1.5` - `picomatch >=4.0.4` - `hono >=4.12.14` - `@hono/node-server >=1.19.13` - `postcss >=8.5.10` </details> <details><summary>pnpm-workspace.yaml</summary> </details> </blockquote> </details> <details><summary>renovate-config-presets (1)</summary> <blockquote> <details><summary>renovate.json</summary> </details> </blockquote> </details> --- - [ ] <!-- manual job -->Check this box to trigger a request for Renovate to run again on this repository
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Deprecations / Replacements
Warning
The following dependencies are either deprecated or have replacements available.
@types/csrfRate-Limited
The following updates are currently rate-limited. To force their creation now, click on a checkbox below.
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
@tailwindcss/vite,tailwindcss)@vitest/coverage-v8,vitest)PR Closed (Blocked)
The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.
@prisma/adapter-pg,@prisma/client,prisma)@typescript-eslint/eslint-plugin,@typescript-eslint/parser,typescript-eslint)Detected Dependencies
docker-compose (1)
dockerfile (2)
github-actions (3)
helm-values (1)
npm (5)
renovate-config-presets (1)