Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (2)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
github-actions	fkirc/skip-duplicate-actions	2023-10-09

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• build(deps): update module github.com/cenkalti/backoff/v4 to v5
• chore(deps): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
• chore(deps): update goreleaser/goreleaser-action action to v7
• chore(deps): update quay.io/containers/podman docker tag to v5
• chore(deps): update sigstore/cosign-installer action to v4
• 🔐 Create all pending approval PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• build(deps): update module connectrpc.com/connect to v1.19.2

Detected Dependencies

dockerfile (1)

Dockerfile (2)

• docker.io/busybox 1.37.0@sha256:2383baad1860bbe9d8a7a843775048fd07d8afe292b94bd876df64a69aae7cb1 → [Updates: 1.37.0]
• docker.io/alpine 3.23.4@sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11

github-actions (2)

.github/workflows/container.yml (10)

• fkirc/skip-duplicate-actions v5.3.1@f75f66ce1886f00957d99748a42c724f4330bdcf
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a → [Updates: v7.1.0]
• actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.1]
• sigstore/cosign-installer v3.10.1@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 → [Updates: v4.1.1]
• imjasonh/setup-crane v0.4@31b88efe9de28ae0ffa220711af4b60be9435f6e
• quay.io/containers/podman v4.9.4 → [Updates: v5.8.2]

.github/workflows/go-lint.yml (4)

• fkirc/skip-duplicate-actions v5.3.1@f75f66ce1886f00957d99748a42c724f4330bdcf
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• golangci/golangci-lint-action v9.2.0@1e7e51e771db61008b38414a730f564565cf7c20

gomod (1)

go.mod (12)

• go 1.25.0
• go 1.26.2
• buf.build/gen/go/parca-dev/parca/connectrpc/go v1.19.1-20260413103946-e19e4fde69b5.2@e19e4fde69b5
• buf.build/gen/go/parca-dev/parca/protocolbuffers/go v1.36.11-20260413103946-e19e4fde69b5.1@e19e4fde69b5
• connectrpc.com/connect v1.19.1 → [Updates: v1.19.2]
• github.com/cenkalti/backoff/v4 v4.3.0 → [Updates: v5.0.3]
• github.com/hashicorp/vault/api v1.23.0
• github.com/hashicorp/vault/api/auth/kubernetes v0.12.0
• github.com/oklog/run v1.2.0
• github.com/prometheus/client_golang v1.23.2
• golang.org/x/sync v0.20.0
• google.golang.org/protobuf v1.36.11

regex (1)

.github/workflows/go-lint.yml (1)

• github.com/golangci/golangci-lint v2.11.4

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository