Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependency Dashboard #3

Open
10 tasks
ramonpetgrave64 opened this issue Apr 3, 2024 · 0 comments
Open
10 tasks

Dependency Dashboard #3

ramonpetgrave64 opened this issue Apr 3, 2024 · 0 comments

Comments

@ramonpetgrave64
Copy link
Owner

ramonpetgrave64 commented Apr 3, 2024
edited
Loading

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

Renovate tried to run on this repository, but found these problems.

  • WARN: Found renovate config warnings

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

  • chore(deps): update npm dev (@types/node, typescript)
  • fix(deps): update dependency @actions/core to v1.10.1
  • chore(deps): update slsa-framework/slsa-verifier action to v2.5.1
  • fix(deps): update dependency org.apache.maven.plugin-tools:maven-plugin-annotations to v3.12.0
  • fix(deps): update go (github.com/go-openapi/runtime, github.com/google/go-containerregistry, github.com/sigstore/cosign/v2, github.com/sigstore/fulcio, github.com/sigstore/protobuf-specs, github.com/sigstore/rekor, github.com/sigstore/sigstore, github.com/slsa-framework/slsa-github-generator, golang.org/x/mod, sigs.k8s.io/release-utils)
  • chore(deps): update npm dev (major) (@types/jasmine, @types/node)
  • 🔐 Create all rate-limited PRs at once 🔐

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

  • chore(deps): update golang docker tag to v1.22

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (docker package gcr.io/distroless/base), Could not determine new digest for update (github-tags package thehanimo/pr-title-checker).

Files affected: cli/experimental/service/Dockerfile, .github/workflows/pr-title.yml

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

Detected dependencies

dockerfile
cli/experimental/service/Dockerfile
  • golang 1.21@sha256:ec457a2fcd235259273428a24e09900c496d0c52207266f96a330062a01e3622
  • gcr.io/distroless/base nonroot@sha256:1a8ece87bd75cde87d0484ef48eb60ea25811baf90967265956ae4fa2098dd9d
github-actions
.github/workflows/codeql-analysis.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-go v5.0.0@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
  • github/codeql-action v3.24.9@1b1aada464948af03b950897e5eb522f92603cc2
  • github/codeql-action v3.24.9@1b1aada464948af03b950897e5eb522f92603cc2
  • github/codeql-action v3.24.9@1b1aada464948af03b950897e5eb522f92603cc2
.github/workflows/depsreview.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/dependency-review-action v4.2.5@5bbc3ba658137598168acb2ab73b21c432dd411b
.github/workflows/e2e.schedule.cli.yml
  • actions/download-artifact v4.1.4@c850b930e6ba138125429b7e5c93fc707a7f8427
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
.github/workflows/e2e.schedule.installer.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
.github/workflows/pr-title.yml
  • thehanimo/pr-title-checker v1@e914bff8ab5e6f1a6a270da6954cd6bfd1d7f1fb
.github/workflows/pre-submit.actions.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-node v4.0.2@60edb5dd545a775178f52524783378180af0d1f8
  • actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
.github/workflows/pre-submit.cli.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-go v5.0.0@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
  • actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
.github/workflows/pre-submit.e2e.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-go v5.0.0@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
.github/workflows/pre-submit.lfs.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actionsdesk/lfs-warning v3.2@e5f9a4c21f4bee104db7c0f23954dde59e5df909
.github/workflows/pre-submit.lint.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-go v5.0.0@0c52d547c9bc32b1aa3301fd7a9cb496313a4491
  • golangci/golangci-lint-action v4
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/setup-node v4
.github/workflows/pre-submit.references.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
.github/workflows/release.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • slsa-framework/slsa-github-generator v1.10.0
  • slsa-framework/slsa-verifier v2.4.1
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
.github/workflows/scorecards.yml
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11
  • ossf/scorecard-action v2.3.1@0864cf19026789058feabb7e87baa5f140aac736
  • actions/upload-artifact v4.3.1@5d5d22a31266ced268874388b861e4b58bb5c2f3
  • github/codeql-action v3.24.9@1b1aada464948af03b950897e5eb522f92603cc2
gomod
go.mod
  • go 1.21
  • github.com/docker/go v1.5.1-1
  • github.com/go-openapi/runtime v0.27.0
  • github.com/google/go-cmp v0.6.0
  • github.com/in-toto/in-toto-golang v0.9.0
  • github.com/secure-systems-lab/go-securesystemslib v0.8.0
  • github.com/sigstore/rekor v1.3.4
  • github.com/sigstore/sigstore v1.8.1
  • github.com/google/go-containerregistry v0.18.0
  • github.com/gorilla/mux v1.8.1
  • github.com/sigstore/cosign/v2 v2.2.0
  • github.com/slsa-framework/slsa-github-generator v1.9.0
  • github.com/spf13/cobra v1.8.0
  • golang.org/x/mod v0.14.0
  • sigs.k8s.io/release-utils v0.7.7
  • github.com/sigstore/fulcio v1.4.3
  • github.com/sigstore/protobuf-specs v0.2.1
  • golang.org/x/exp v0.0.0-20231006140011-7918f672742d@7918f672742d
  • google.golang.org/protobuf v1.33.0
maven
experimental/maven-plugin/pom.xml
  • org.apache.maven:maven-core 3.9.6
  • org.apache.maven:maven-plugin-api 3.9.6
  • org.apache.maven.plugin-tools:maven-plugin-annotations 3.11.0
  • org.apache.maven:maven-project 2.2.1
  • org.twdata.maven:mojo-executor 2.4.0
npm
actions/installer/package.json
  • @actions/core ^1.9.1
  • @actions/exec ^1.1.1
  • @actions/github ^6.0.0
  • @actions/io ^1.1.2
  • @actions/tool-cache ^2.0.1
  • nodejs ^0.0.0
  • @types/jasmine 4.6.4
  • @types/node 18.19.28
  • @vercel/ncc 0.38.1
  • eslint ^8.57.0
  • eslint-plugin-github 4.10.2
  • eslint-plugin-prettier ^5.1.3
  • jasmine 5.1.0
  • typescript ^5.4.3
  • typescript-eslint ^7.5.0
package.json
  • markdown-toc ^1.2.0
@ramonpetgrave64 ramonpetgrave64 closed this as not planned Won't fix, can't repro, duplicate, stale Apr 3, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ramonpetgrave64