Skip to content

Dependency Dashboard #7

New issue
New issue
Open
Open
Dependency Dashboard#7
@renovate

Description

@renovate
renovate
bot
opened on Jan 21, 2026

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

  • Select this checkbox to let Renovate create an automated Config Migration PR.

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

  • chore(deps): update docker images (composer, docker/dockerfile, php)
  • chore(deps): update github actions (aquasecurity/trivy-action, dependabot/fetch-metadata, github/codeql-action)
  • chore(deps): lock file maintenance
  • 🔐 Create all awaiting schedule PRs at once 🔐

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package aquasecurity/trivy-action).

Files affected: .github/workflows/build.yml, .github/workflows/security.yml

Detected Dependencies

composer (2)
app/composer.json (2)
  • php >=8.5
  • phpbu/phpbu ^6.0
app/full/composer.json (11)
  • php >=8.5
  • phpbu/phpbu ^6.0
  • aws/aws-sdk-php ^3.10
  • google/cloud-storage ^1.42
  • microsoft/azure-storage-blob ^1.4
  • phpseclib/phpseclib ^3.0
  • sebastianfeldmann/ftp ^0.9.2
  • kunalvarma05/dropbox-php-sdk ^0.5
  • guzzlehttp/guzzle ^7.5
  • phpmailer/phpmailer ^7.0
  • vlucas/phpdotenv ^5.0
docker-compose (1)
compose.yml
dockerfile (1)
Dockerfile (4)
  • docker/dockerfile 1.14 → [Updates: 1.21]
  • php 8.5-alpine@sha256:ef23f63dac3c23d4f392b416b6324fdf9f69c642c0c8556d20c0627ad522f27e → [Updates: 8.5-alpine]
  • composer 2@sha256:c404e6f07bdebf8a8c605be5b5fab88eef737f6e4acfba3651d39c824ce224d4 → [Updates: 2]
  • composer 2@sha256:c404e6f07bdebf8a8c605be5b5fab88eef737f6e4acfba3651d39c824ce224d4 → [Updates: 2]
github-actions (7)
.github/workflows/auto-merge.yml (1)
  • dependabot/fetch-metadata v2.3.0@21025c705c08248db411dc16f3619e6b5f9ea21a → [Updates: v2.5.0, v2.3.0]
.github/workflows/build.yml (14)
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • docker/setup-qemu-action v3@c7c53464625b32c7a7e944ae62b3e17d2b600130
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • docker/login-action v3.7.0@c94ce9fb468520275223c153574b00df6fe4bcc9
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
  • aquasecurity/trivy-action v0.34.0@c1824fd6edce30d7ab345a9989de00bbd46ef284 → [Updates: 0.34.1]
  • aquasecurity/trivy-action v0.34.0@c1824fd6edce30d7ab345a9989de00bbd46ef284 → [Updates: 0.34.1]
  • github/codeql-action v4.32.3@9e907b5e64f6b83e7804b09294d44122997950d6 → [Updates: v4.32.4]
  • github/codeql-action v4.32.3@9e907b5e64f6b83e7804b09294d44122997950d6 → [Updates: v4.32.4]
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
  • sigstore/cosign-installer v4.0.0@faadad0cce49287aee09b3a48701e75088a2c6ad
.github/workflows/cleanup-packages.yml (1)
  • actions/delete-package-versions v5@e5bc658cc4c965c472efe991f8beea3981499c55
.github/workflows/release.yml (7)
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • docker/setup-qemu-action v3@c7c53464625b32c7a7e944ae62b3e17d2b600130
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • docker/login-action v3@c94ce9fb468520275223c153574b00df6fe4bcc9
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
  • sigstore/cosign-installer v4.0.0@faadad0cce49287aee09b3a48701e75088a2c6ad
  • softprops/action-gh-release v2@a06a81a03ee405af7f2048a818ed3f03bbf83c7b
.github/workflows/scorecard.yml (3)
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
  • github/codeql-action v4.32.3@9e907b5e64f6b83e7804b09294d44122997950d6 → [Updates: v4.32.4]
.github/workflows/security.yml (7)
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
  • aquasecurity/trivy-action v0.34.0@c1824fd6edce30d7ab345a9989de00bbd46ef284 → [Updates: 0.34.1]
  • github/codeql-action v4.32.3@9e907b5e64f6b83e7804b09294d44122997950d6 → [Updates: v4.32.4]
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • gitleaks/gitleaks-action v2@ff98106e4c7b2bc287b24eaf42907196329070c7
.github/workflows/test.yml (6)
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
  • actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
  • docker/setup-buildx-action v3@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
  • docker/bake-action v6@5be5f02ff8819ecd3092ea6b2e6261c31774f2b4
regex (1)
Dockerfile (2)
  • composer 2@sha256:c404e6f07bdebf8a8c605be5b5fab88eef737f6e4acfba3651d39c824ce224d4 → [Updates: 2]
  • composer 2@sha256:c404e6f07bdebf8a8c605be5b5fab88eef737f6e4acfba3651d39c824ce224d4 → [Updates: 2]
  • Check this box to trigger a request for Renovate to run again on this repository

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions