Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update Node.js to b3ca07a
• Update sigstore/cosign-installer digest to f46f599
• Update Node.js to v18.20.8
• Update actions/checkout action to v5
• Update docker/build-push-action action to v6
• Update docker/login-action action to v3
• Update docker/metadata-action action to v5
• Update docker/setup-buildx-action action to v3
• Update github/codeql-action action to v3
• Update Node.js to v22
• Update sigstore/cosign-installer action to v3
• 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency express to v4.20.0 [SECURITY]
• Update docker/setup-buildx-action digest to 885d146
• Update ghcr.io/sigstore/cosign/cosign:latest Docker digest to f1946d0
• Update github/codeql-action digest to b8d3b6e
• Update helm/kind-action digest to 50ea670
• Update actions/checkout action to v3.6.0
• Update docker/build-push-action action to v3.3.1
• Update docker/login-action action to v2.2.0
• Update docker/metadata-action action to v4.6.0
• Update sigstore/cosign-installer action to v2.8.1
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

dockerfile

Dockerfile

• ghcr.io/sigstore/cosign/cosign latest@sha256:33a6a55d2f1354bc989b791974cf4ee00a900ab9e4e54b393962321758eee3c6
• node 18.6.0-alpine@sha256:cd8f5b451e927f3c5c92016cfaf9d6805999faeded64486d8f76c9d4ef6f1b5c

github-actions

.github/workflows/ci.yml

• actions/checkout v3.0.2@2541b1294d2704b0964813337f33b291d3f8596b
• docker/login-action v2.0.0@49ed152c8eca782a232dede0303416e8f356c37b
• docker/metadata-action v4.0.1@69f6fc9d46f2f8bf0d5491e4aabe0bb8c6a4678a
• docker/setup-buildx-action v2@dc7b9719a96d48369863986a06765841d7ea23f6
• docker/build-push-action v3.0.0@e551b19e49efd4e98792db7592c17c09b89db8d8
• helm/kind-action d08cf6ff1575077dee99962540d77ce91c62387d
• docker/build-push-action v3.0.0@e551b19e49efd4e98792db7592c17c09b89db8d8
• docker/login-action v2.0.0@49ed152c8eca782a232dede0303416e8f356c37b
• sigstore/cosign-installer v2.4.1@48866aa521d8bf870604709cd43ec2f602d03ff2

.github/workflows/security.yml

• actions/checkout v3.0.2@2541b1294d2704b0964813337f33b291d3f8596b
• github/codeql-action v2@3e7e3b32d0fb8283594bb0a76cc60a00918b0969
• github/codeql-action v2@3e7e3b32d0fb8283594bb0a76cc60a00918b0969
• github/codeql-action v2@3e7e3b32d0fb8283594bb0a76cc60a00918b0969
• actions/checkout v3.0.2@2541b1294d2704b0964813337f33b291d3f8596b
• ShiftLeftSecurity/scan-action master
• github/codeql-action v2@3e7e3b32d0fb8283594bb0a76cc60a00918b0969

npm

package.json

• express ^4.17.2
• localtunnel 2.0.2

---

• Check this box to trigger a request for Renovate to run again on this repository