Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• chore(deps): update actions/checkout action to v6
• chore(deps): update actions/create-github-app-token action to v2
• chore(deps): update actions/setup-node action to v6
• chore(deps): update aws-actions/configure-aws-credentials action to v5
• chore(deps): update dependency @biomejs/biome to v2
• chore(deps): update dependency cryptography to v46
• chore(deps): update dependency pino-pretty to v13
• chore(deps): update dependency vite-tsconfig-paths to v6
• chore(deps): update dependency vitest to v4
• fix(deps): update dependency dotenv to v17
• fix(deps): update dependency express to v5 (express, @types/express)
• fix(deps): update dependency jose to v6
• fix(deps): update dependency node to v24 (node, @types/node)
• fix(deps): update dependency pg-promise to v12
• fix(deps): update dependency pino to v10
• fix(deps): update dependency rate-limiter-flexible to v9
• fix(deps): update dependency redis to v5
• 🔐 Create all pending approval PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update dependency got to v14.6.6

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update all non-major github action dependencies (aws-actions/amazon-ecs-deploy-task-definition, aws-actions/amazon-ecs-render-task-definition)
• chore(deps): update all minor dependencies (@aws-sdk/client-dynamodb, @aws-sdk/client-s3, @aws-sdk/client-secrets-manager, @aws-sdk/client-sqs, @aws-sdk/lib-dynamodb, @aws-sdk/s3-request-presigner, @aws-sdk/types, pnpm)
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

devcontainer (1)

.devcontainer/devcontainer.json (5)

• mcr.microsoft.com/vscode/devcontainers/base debian@sha256:30b0a0c004ca94d36c323ee993361a7e0ae25ea255ea125201e8a9587501c324
• ghcr.io/devcontainers/features/node 1
• node 22.21.1 → [Updates: 24.12.0]
• ghcr.io/devcontainers/features/python 1
• python 3.14

dockerfile (1)

Dockerfile (2)

• node 22.12.0-alpine3.19@sha256:40dc4b415c17b85bea9be05314b4a753f45a4e1716bb31c01182e6c53d51a654
• node 22.12.0-alpine3.19@sha256:40dc4b415c17b85bea9be05314b4a753f45a4e1716bb31c01182e6c53d51a654

github-actions (12)

.github/workflows/dependency-review.yml (2)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• actions/dependency-review-action v4.8.2@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261

.github/workflows/docker-vulnerability-scan.yml (3)

• aws-actions/configure-aws-credentials v4.3.1@7474bc4690e29a8392af63c5b98e7449536d5c3a → [Updates: v5.1.1]
• aws-actions/amazon-ecr-login d63b14614fe5d7fc5e5e52c523dea4e876816cc4
• cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f

.github/workflows/labels.yml (1)

• cds-snc/labels v1

.github/workflows/prod-deploy.yml (5)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• aws-actions/configure-aws-credentials v4.3.1@7474bc4690e29a8392af63c5b98e7449536d5c3a → [Updates: v5.1.1]
• aws-actions/amazon-ecs-render-task-definition v1.8.1@cbed19f1b86bbb18f59cfffde7107b93cc9b75da → [Updates: v1.8.2]
• aws-actions/amazon-ecs-deploy-task-definition v2.5.0@7b5ba17dae98c8fd463ddf2cef977d3be43322c5 → [Updates: v2.5.1]
• cds-snc/sentinel-forward-data-action main

.github/workflows/prod-docker-build-push.yml (4)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• aws-actions/configure-aws-credentials v4.3.1@7474bc4690e29a8392af63c5b98e7449536d5c3a → [Updates: v5.1.1]
• aws-actions/amazon-ecr-login d63b14614fe5d7fc5e5e52c523dea4e876816cc4
• cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f

.github/workflows/release-generator.yml (2)

• actions/create-github-app-token v1.12.0@d72941d797fd3113feb6b93fd0dec494b13a2547 → [Updates: v2.2.1]
• googleapis/release-please-action v4.4.0@16a9c90856f42705d54a6fda1823352bdc62cf38

.github/workflows/shellcheck.yml (1)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]

.github/workflows/staging-deploy.yml (5)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• aws-actions/configure-aws-credentials v4.3.1@7474bc4690e29a8392af63c5b98e7449536d5c3a → [Updates: v5.1.1]
• aws-actions/amazon-ecs-render-task-definition v1.8.1@cbed19f1b86bbb18f59cfffde7107b93cc9b75da → [Updates: v1.8.2]
• aws-actions/amazon-ecs-deploy-task-definition v2.5.0@7b5ba17dae98c8fd463ddf2cef977d3be43322c5 → [Updates: v2.5.1]
• cds-snc/sentinel-forward-data-action main

.github/workflows/staging-docker-build-push.yml (4)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• aws-actions/configure-aws-credentials v4.3.1@7474bc4690e29a8392af63c5b98e7449536d5c3a → [Updates: v5.1.1]
• aws-actions/amazon-ecr-login d63b14614fe5d7fc5e5e52c523dea4e876816cc4
• cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f

.github/workflows/test-code.yml (3)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]
• actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020 → [Updates: v6.1.0]
• node 22.21.1 → [Updates: 24.12.0]

.github/workflows/test-docker-build.yml (1)

• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.1]

.github/workflows/workflow-failure.yml

npm (3)

examples/nodejs/package.json (4)

• axios ^1.12.0
• jose ^6.0.10
• @types/node ^22.14.1 → [Updates: ^24.0.0]
• typescript ^5.8.3

package.json (32)

• @aws-sdk/client-dynamodb ^3.823.0 → [Updates: ^3.823.0]
• @aws-sdk/client-s3 ^3.823.0 → [Updates: ^3.823.0]
• @aws-sdk/client-secrets-manager ^3.823.0 → [Updates: ^3.823.0]
• @aws-sdk/client-sqs ^3.823.0 → [Updates: ^3.823.0]
• @aws-sdk/lib-dynamodb ^3.823.0 → [Updates: ^3.823.0]
• @aws-sdk/s3-request-presigner ^3.859.0 → [Updates: ^3.859.0]
• cors ^2.8.5
• dotenv ^16.4.5 → [Updates: ^17.0.0]
• express ^4.21.0 → [Updates: ^5.0.0]
• express-validator ^7.2.0
• got ^14.4.7 → [Updates: ^14.4.7]
• jose ^5.9.3 → [Updates: ^6.0.0]
• pg-promise ^11.9.1 → [Updates: ^12.0.0]
• pino ^9.4.0 → [Updates: ^10.0.0]
• rate-limiter-flexible ^5.0.4 → [Updates: ^9.0.0]
• redis ^4.7.0 → [Updates: ^5.0.0]
• @aws-sdk/types ^3.662.0 → [Updates: ^3.662.0]
• @biomejs/biome ^1.9.0 → [Updates: ^2.0.0]
• @types/cors ^2.8.18
• @types/express ^4.17.21 → [Updates: ^5.0.0]
• @types/node ^22.7.4 → [Updates: ^24.0.0]
• @types/supertest ^6.0.2
• aws-sdk-client-mock ^4.0.2
• pino-pretty ^11.2.2 → [Updates: ^13.0.0]
• supertest ^7.0.0
• tsc-alias ^1.8.15
• tsx ^4.19.1
• typescript ^5.6.2
• vite-tsconfig-paths ^5.0.1 → [Updates: ^6.0.0]
• vitest ^2.1.9 → [Updates: ^4.0.0]
• vitest-mock-express ^2.2.0
• pnpm 10.25.0 → [Updates: 10.26.2]

utils/responseRetriever/package.json (8)

• @types/node ^22.7.4 → [Updates: ^24.0.0]
• axios ^1.12.0
• dotenv ^16.4.5 → [Updates: ^17.0.0]
• jose ^5.9.3 → [Updates: ^6.0.0]
• pino ^9.4.0 → [Updates: ^10.0.0]
• tsx ^4.19.1
• typescript ^5.6.2
• pino-pretty ^11.2.2 → [Updates: ^13.0.0]

pip_requirements (1)

examples/python/requirements.txt (4)

• PyJWT ==2.10.1
• httpx ==0.28.1
• cryptography ==44.0.3 → [Updates: ==46.0.3]
• requests ==2.32.5

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository