Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Deprecations / Replacements

Warning

The following dependencies are either deprecated or have replacements available.

Datasource	Package	Replacement PR?
npm	@babel/plugin-proposal-private-property-in-object

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update dependency eslint-plugin-import to v2.32.0
• Update dependency eslint-plugin-promise to v6.6.0
• Update dependency prettier to v3.8.4
• Update nginx Docker tag to v1.31.2
• Update ossf/scorecard-action action to v2.4.3
• Update react monorepo to v18.3.1 (react, react-dom)
• Update step-security/harden-runner action to v2.19.4
• Update actions/checkout action to v6
• Update actions/dependency-review-action action to v5
• Update actions/setup-node action to v6
• Update dependency eslint-plugin-n to v18
• Update dependency eslint-plugin-promise to v7
• Update dependency node to v24
• Update dependency web-vitals to v5
• Update eslint monorepo to v10
• Update github/codeql-action action to v4
• Update react monorepo to v19 (react, react-dom)
• Update testing-library monorepo to v16
• 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update nginx:1.25.4-alpine Docker digest to 31bad00
• Update Node.js to 78c4572
• Update actions/checkout action to v4.3.1
• Update actions/setup-node action to v4.4.0
• Update actions/upload-artifact action to v3.2.2
• Update dependency eslint-plugin-react to v7.37.5
• Update eslint monorepo to v8.57.1
• Update github/codeql-action action to v3.36.2
• Update testing-library monorepo (@testing-library/jest-dom, @testing-library/react, @testing-library/user-event)
• Update GitHub Artifact Actions to v7
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (2)

• node 21-alpine@sha256:d3271e4bd89eec4d97087060fd4db0c238d9d22fcfad090a73fa9b5128699888 → [Updates: 24-alpine, 21-alpine]
• nginx 1.25.4-alpine@sha256:6a2f8b28e45c4adea04ec207a251fd4a2df03ddc930f782af51e315ebc76e9a9 → [Updates: 1.31.2-alpine, 1.25.4-alpine]

github-actions (3)

.github/workflows/dependency-review.yml (3)

• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• actions/dependency-review-action v3.1.5@c74b580d73376b7750d3d2a50bfb8adc2c937507 → [Updates: v5.0.0]

.github/workflows/release-npm.yml (4)

• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• actions/setup-node v4.0.2@60edb5dd545a775178f52524783378180af0d1f8 → [Updates: v4.4.0, v6.4.0]
• node 20.x → [Updates: 24.x]

.github/workflows/super-devsecops.yml (21)

• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• actions/setup-node v4.0.2@60edb5dd545a775178f52524783378180af0d1f8 → [Updates: v4.4.0, v6.4.0]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• actions/setup-node v4.0.2@60edb5dd545a775178f52524783378180af0d1f8 → [Updates: v4.4.0, v6.4.0]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• github/codeql-action v3.23.0@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 → [Updates: v3.36.2, v4.36.2]
• github/codeql-action v3.23.0@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 → [Updates: v3.36.2, v4.36.2]
• github/codeql-action v3.23.0@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 → [Updates: v3.36.2, v4.36.2]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]
• ossf/scorecard-action v2.3.1@0864cf19026789058feabb7e87baa5f140aac736 → [Updates: v2.4.3]
• actions/upload-artifact v3.1.3@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 → [Updates: v3.2.2, v7.0.1]
• github/codeql-action v3.23.0@e5f05b81d5b6ff8cfa111c80c22c5fd02a384118 → [Updates: v3.36.2, v4.36.2]
• step-security/harden-runner v2.7.0@63c24ba6bd7ba022e95695ff85de572c04a18142 → [Updates: v2.19.4]
• actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.3]

npm (1)

package.json (15)

• @babel/plugin-proposal-private-property-in-object ^7.21.11
• @testing-library/jest-dom ^6.1.4 → [Updates: ^6.1.4]
• @testing-library/react ^14.1.2 → [Updates: ^14.1.2, ^16.0.0]
• @testing-library/user-event ^14.0.0 → [Updates: ^14.0.0]
• react ^18.2.0 → [Updates: ^18.2.0, ^19.0.0]
• react-dom ^18.2.0 → [Updates: ^18.2.0, ^19.0.0]
• react-scripts 5.0.1
• web-vitals ^3.0.0 → [Updates: ^5.0.0]
• eslint ^8.56.0 → [Updates: ^8.56.0, ^10.0.0]
• eslint-config-standard ^17.1.0
• eslint-plugin-import ^2.29.0 → [Updates: ^2.29.0]
• eslint-plugin-n ^16.6.2 → [Updates: ^18.0.0]
• eslint-plugin-promise ^6.0.0 → [Updates: ^6.0.0, ^7.0.0]
• eslint-plugin-react ^7.33.2 → [Updates: ^7.33.2]
• prettier 3.2.5 → [Updates: 3.8.4]

---

• Check this box to trigger a request for Renovate to run again on this repository