Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (2)

Datasource	Name	Last Updated
github-actions	fkirc/skip-duplicate-actions	2023-10-09

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• build(deps): update module github.com/cenkalti/backoff/v4 to v5
• chore(deps): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
• chore(deps): update quay.io/containers/podman docker tag to v5
• chore(deps): update sigstore/cosign-installer action to v4
• 🔐 Create all pending approval PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): pin dependencies (actions/download-artifact, actions/upload-artifact, fkirc/skip-duplicate-actions, imjasonh/setup-crane)
• chore(deps): update actions/download-artifact action to v4.3.0
• chore(deps): update actions/upload-artifact action to v4.6.2
• chore(deps): update fkirc/skip-duplicate-actions action to v5.3.1
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (2)

• docker.io/busybox 1.37.0@sha256:2383baad1860bbe9d8a7a843775048fd07d8afe292b94bd876df64a69aae7cb1 → [Updates: 1.37.0]
• docker.io/alpine 3.23.3@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659

github-actions (2)

.github/workflows/container.yml (10)

• fkirc/skip-duplicate-actions v5 → [Updates: v5.3.1, v5]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5
• goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a
• actions/upload-artifact v4 → [Updates: v4.6.2, v6.0.0, v4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v4 → [Updates: v4.3.0, v7.0.0, v4]
• sigstore/cosign-installer v3.10.1@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 → [Updates: v4.0.0]
• imjasonh/setup-crane v0.4 → [Updates: v0.4]
• quay.io/containers/podman v4.9.4 → [Updates: v5.7.1]

.github/workflows/go-lint.yml (4)

• fkirc/skip-duplicate-actions v5 → [Updates: v5.3.1, v5]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5
• golangci/golangci-lint-action v9.2.0@1e7e51e771db61008b38414a730f564565cf7c20

gomod (1)

go.mod (12)

• go 1.24.0
• go 1.25.6
• buf.build/gen/go/parca-dev/parca/connectrpc/go v1.19.1-20251203114737-dab2f094ec25.2@dab2f094ec25
• buf.build/gen/go/parca-dev/parca/protocolbuffers/go v1.36.11-20251203114737-dab2f094ec25.1@dab2f094ec25
• connectrpc.com/connect v1.19.1
• github.com/cenkalti/backoff/v4 v4.3.0 → [Updates: v5.0.3]
• github.com/hashicorp/vault/api v1.22.0
• github.com/hashicorp/vault/api/auth/kubernetes v0.10.0
• github.com/oklog/run v1.2.0
• github.com/prometheus/client_golang v1.23.2
• golang.org/x/sync v0.19.0
• google.golang.org/protobuf v1.36.11

regex (1)

.github/workflows/go-lint.yml (1)

• github.com/golangci/golangci-lint v2.8.0

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository