Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository Problems

These problems occurred while renovating this repository. View logs.

• ⚠️ WARN: Package lookup failures

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (6)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
pep621	fastapi-filter	2024-12-07
pep621	inflect	2024-12-28
pep621	loguru	2024-12-06
pep621	piexif	2019-07-01
pep621	python-slugify	2024-02-08
pep621	zxcvbn	2025-02-19

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• chore(deps): update dependency pnpm to v11
• chore(deps): update docs-site-runtime-tooling (major) (pnpm, typescript)
• chore(deps): update frontend-web-runtime-tooling (major) (pnpm, typescript)
• chore(deps): update repo-tooling (major) (pnpm, syncpack)
• 🔐 Create all pending approval PRs at once 🔐

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update dependency just to v1.51.0
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (docker package alpine).

Files affected: backend/Dockerfile.user-upload-backups

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency astro to v6.1.10 [security]
• chore(deps): update dependency mermaid to v11.15.0 [security]
• chore(deps): update containers-compose (cloudflare/cloudflared, postgres, redis)
• chore(deps): update frontend-web-runtime-tooling (caddy, docker/dockerfile, node, pnpm)
• fix(deps): update frontend-app-runtime-tooling (caddy, docker/dockerfile, node, pnpm, react, react-dom, react-native, react-native-gesture-handler, react-native-keyboard-controller, react-native-reanimated, react-native-safe-area-context, react-native-screens, react-native-svg, react-native-webview, react-native-worklets)
• chore(deps): update dependency pnpm to v10.33.4
• chore(deps): update dependency python to v3.14.5
• chore(deps): update dependency uv to v0.11.16
• chore(deps): update repo-tooling (astral-sh/uv-pre-commit, commitizen-tools/commitizen, pnpm)
• chore(deps): update backend-python-runtime (alpine, docker/dockerfile, ghcr.io/astral-sh/uv, python)
• fix(deps): update docs-site-runtime-tooling (@astrojs/starlight, caddy, docker/dockerfile, node, pnpm)
• fix(deps): update frontend-app-runtime-tooling (major) (@expo/metro-runtime, @jest/globals, @react-native-async-storage/async-storage, @types/jest, expo, expo-auth-session, expo-blur, expo-constants, expo-font, expo-haptics, expo-image, expo-image-manipulator, expo-image-picker, expo-linear-gradient, expo-linking, expo-router, expo-secure-store, expo-splash-screen, expo-status-bar, expo-symbols, expo-system-ui, expo-video, expo-web-browser, jest, jest-expo, pnpm, typescript)
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

asdf (1)

.tool-versions (4)

• pnpm 10.33.0 → [Updates: 10.33.4, 11.2.2]
• python 3.14.3 → [Updates: 3.14.5]
• uv 0.11.7 → [Updates: 0.11.16]
• just 1.50.0 → [Updates: 1.51.0]

devcontainer (1)

.devcontainer/devcontainer.json (3)

• ghcr.io/devcontainers/features/git 1
• ghcr.io/devcontainers-extra/features/expo-cli 1
• ghcr.io/jsburckhardt/devcontainer-features/uv 1

docker-compose (6)

compose.ci.yaml

compose.deploy.yaml (2)

• cloudflare/cloudflared latest@sha256:89ee50efb1e9cb2ae30281a8a404fed95eb8f02f0a972617526f8c5b417acae2 → [Updates: latest]
• prodrigestivill/postgres-backup-local 18@sha256:f70742ebe42b2277689b028d1fd15aa80f77cffa01da163cc9f85a6ff1866e7f

compose.dev.yaml

compose.e2e.yaml (2)

• redis 8-alpine@sha256:81b6f81d6a6c5b9019231a2e8eb10085e3a139a34f833dcc965a8a959b040b72 → [Updates: 8-alpine]
• postgres 18 → [Updates: 18]

compose.logging.loki.yaml

compose.yaml (2)

• redis 8-alpine@sha256:81b6f81d6a6c5b9019231a2e8eb10085e3a139a34f833dcc965a8a959b040b72 → [Updates: 8-alpine]
• postgres 18 → [Updates: 18]

dockerfile (6)

backend/Dockerfile (4)

• docker/dockerfile 1 → [Updates: 1]
• ghcr.io/astral-sh/uv 0.11-python3.14-trixie-slim@sha256:37ec7fe8c82064a87c1c3d57e8ef5ff108b64bc34b17f64a4c00094b64928330 → [Updates: 0.11-python3.14-trixie-slim]
• ghcr.io/astral-sh/uv 0.11-python3.14-trixie-slim@sha256:37ec7fe8c82064a87c1c3d57e8ef5ff108b64bc34b17f64a4c00094b64928330 → [Updates: 0.11-python3.14-trixie-slim]
• python 3.14-slim-trixie@sha256:bc389f7dfcb21413e72a28f491985326994795e34d2b86c8ae2f417b4e7818aa → [Updates: 3.14-slim-trixie]

backend/Dockerfile.migrations (3)

• docker/dockerfile 1 → [Updates: 1]
• ghcr.io/astral-sh/uv 0.11-python3.14-trixie-slim@sha256:37ec7fe8c82064a87c1c3d57e8ef5ff108b64bc34b17f64a4c00094b64928330 → [Updates: 0.11-python3.14-trixie-slim]
• python 3.14-slim-trixie@sha256:bc389f7dfcb21413e72a28f491985326994795e34d2b86c8ae2f417b4e7818aa → [Updates: 3.14-slim-trixie]

backend/Dockerfile.user-upload-backups (2)

• docker/dockerfile 1 → [Updates: 1]
• alpine 3.22@sha256:55ae5d250caebc548793f321534bc6a8ef1d116f334f18f4ada1b2daad3251b2 → [Updates: 3.23]

docs/Dockerfile (3)

• docker/dockerfile 1 → [Updates: 1]
• node 24-slim@sha256:d8e448a56fc63242f70026718378bd4b00f8c82e78d20eefb199224a4d8e33d8 → [Updates: 24-slim]
• caddy 2-alpine@sha256:834468128c7696cec0ceea6172f7d692daf645ae51983ca76e39da54a97c570d → [Updates: 2-alpine]

frontend-app/Dockerfile (3)

• docker/dockerfile 1 → [Updates: 1]
• node 24-slim@sha256:d8e448a56fc63242f70026718378bd4b00f8c82e78d20eefb199224a4d8e33d8 → [Updates: 24-slim]
• caddy 2-alpine@sha256:fce4f15aad23222c0ac78a1220adf63bae7b94355d5ea28eee53910624acedfa → [Updates: 2-alpine]

frontend-web/Dockerfile (3)

• docker/dockerfile 1 → [Updates: 1]
• node 24-slim@sha256:d8e448a56fc63242f70026718378bd4b00f8c82e78d20eefb199224a4d8e33d8 → [Updates: 24-slim]
• caddy 2-alpine@sha256:834468128c7696cec0ceea6172f7d692daf645ae51983ca76e39da54a97c570d → [Updates: 2-alpine]

github-actions (8)

.github/actions/detect-ci-changes/action.yml

.github/actions/detect-security-changes/action.yml

.github/actions/setup-runtime/action.yml

.github/actions/upload-codecov/action.yml

.github/workflows/ops.yml

.github/workflows/release.yml

.github/workflows/security.yml

.github/workflows/validate.yml

npm (4)

docs/package.json (16)

• @astrojs/mdx ^5.0.4
• @astrojs/starlight ^0.38.3 → [Updates: ^0.39.0]
• astro ^6.1.9 → [Updates: ^6.1.9]
• mermaid ^11.14.0 → [Updates: ^11.14.0]
• @astrojs/check ^0.9.8
• @axe-core/playwright ^4.11.2
• @biomejs/biome ^2.4.12
• @playwright/test ^1.59.1
• @types/node ^25.6.0
• linkinator ^7.6.1
• markdownlint-cli2 ^0.22.1
• playwright ^1.59.1
• typescript ^5.9.3 → [Updates: ^6.0.0]
• node 24.x
• pnpm 10.x → [Updates: 11.x]
• pnpm 10.33.0 → [Updates: 10.33.4, 11.2.2]

frontend-app/package.json (70)

• @expo/metro-runtime ~55.0.10 → [Updates: ~56.0.0]
• @expo/vector-icons ^15.1.1
• @hookform/resolvers ^5.2.2
• @react-native-async-storage/async-storage 2.2.0 → [Updates: 3.1.0]
• @react-navigation/bottom-tabs ^7.15.5
• @react-navigation/elements ^2.9.14
• @react-navigation/native ^7.1.33
• @tanstack/react-query ^5.99.2
• expo ~55.0.17 → [Updates: ~56.0.0]
• expo-auth-session ~55.0.15 → [Updates: ~56.0.0]
• expo-blur ~55.0.14 → [Updates: ~56.0.0]
• expo-constants ~55.0.15 → [Updates: ~56.0.0]
• expo-font ~55.0.6 → [Updates: ~56.0.0]
• expo-haptics ~55.0.14 → [Updates: ~56.0.0]
• expo-image ~55.0.9 → [Updates: ~56.0.0]
• expo-image-manipulator ~55.0.15 → [Updates: ~56.0.0]
• expo-image-picker ~55.0.19 → [Updates: ~56.0.0]
• expo-linear-gradient ~55.0.13 → [Updates: ~56.0.0]
• expo-linking ~55.0.14 → [Updates: ~56.0.0]
• expo-router ~55.0.13 → [Updates: ~56.2.0]
• expo-secure-store ~55.0.13 → [Updates: ~56.0.0]
• expo-splash-screen ~55.0.19 → [Updates: ~56.0.0]
• expo-status-bar ~55.0.5 → [Updates: ~56.0.0]
• expo-symbols ~55.0.7 → [Updates: ~56.0.0]
• expo-system-ui ~55.0.16 → [Updates: ~56.0.0]
• expo-video ^55.0.15 → [Updates: ^56.0.0]
• expo-web-browser ~55.0.14 → [Updates: ~56.0.0]
• hls.js ^1.6.16
• react 19.2.0 → [Updates: 19.2.6]
• react-dom 19.2.0 → [Updates: 19.2.6]
• react-hook-form ^7.73.1
• react-native 0.83.6 → [Updates: 0.85.3]
• react-native-gesture-handler ~2.30.1 → [Updates: ~2.31.0]
• react-native-keyboard-controller 1.20.7 → [Updates: 1.21.8]
• react-native-paper ^5.15.1
• react-native-reanimated 4.2.1 → [Updates: 4.3.1]
• react-native-safe-area-context ~5.6.2 → [Updates: ~5.8.0]
• react-native-screens ~4.23.0 → [Updates: ~4.25.0]
• react-native-svg 15.15.3 → [Updates: 15.15.5]
• react-native-web ^0.21.2
• react-native-webview 13.16.0 → [Updates: 13.16.1]
• react-native-worklets 0.7.4 → [Updates: 0.8.3]
• use-debounce ^10.1.1
• zod ^4.3.6
• zustand ^5.0.12
• @babel/core ^7.29.0
• @biomejs/biome ^2.4.12
• @jest/globals ~29.7.0 → [Updates: ~30.4.0]
• @playwright/test ^1.59.1
• @testing-library/react-native ^13.3.3
• @types/jest ^29.5.14 → [Updates: ^30.0.0]
• @types/react ~19.2.14
• @typescript-eslint/parser ^8.59.0
• babel-plugin-react-compiler ^1.0.0
• baseline-browser-mapping ^2.10.21
• eslint ^10.2.1
• eslint-plugin-react-hooks ^7.1.1
• eslint-plugin-react-refresh ^0.5.2
• jest ~29.7.0 → [Updates: ~30.4.0]
• jest-expo ~55.0.16 → [Updates: ~56.0.0]
• msw ^2.13.5
• openapi-typescript ^7.13.0
• serve ^14.2.6
• ts-node ^10.9.2
• typescript ^5.9.3 → [Updates: ^6.0.0]
• node 24.x
• pnpm 10.x → [Updates: 11.x]
• pnpm 10.33.0 → [Updates: 10.33.4, 11.2.2]
• @tootallnate/once ^3.0.1
• uuid ^14.0.0

frontend-web/package.json (14)

• @astrojs/sitemap ^3.7.2
• astro ^6.1.9 → [Updates: ^6.1.9]
• @astrojs/check ^0.9.8
• @axe-core/playwright ^4.11.2
• @biomejs/biome ^2.4.12
• @playwright/test ^1.59.1
• @types/node ^25.6.0
• @vitest/coverage-v8 ^4.1.5
• happy-dom ^20.9.0
• typescript ^5.9.3 → [Updates: ^6.0.0]
• vitest ^4.1.5
• node 24.x
• pnpm 10.x → [Updates: 11.x]
• pnpm 10.33.0 → [Updates: 10.33.4, 11.2.2]

package.json (6)

• @biomejs/biome ^2.4.12
• cspell ^10.0.0
• syncpack ^14.3.0 → [Updates: ^15.0.0]
• node 24.x
• pnpm 10.x → [Updates: 11.x]
• pnpm 10.33.0 → [Updates: 10.33.4, 11.2.2]

pep621 (2)

backend/pyproject.toml (56)

• python >=3.14
• fastapi-filter >=2.0.1
• fastapi-mail >=1.6.2
• fastapi-pagination >=0.13.2
• fastapi >=0.115.14
• uvicorn >=0.42.0
• asyncpg >=0.30.0
• email-validator >=2.2.0
• cashews >=7.5.0
• fastapi-users >=14.0.1
• pyjwt >=2.12.1
• inflect >=7.5.0
• redis >=5.2.1
• limits >=5.8.0
• sqlalchemy >=2.0.41
• httpx >=0.28.1
• relab-rpi-cam-models >=0.3.1
• zxcvbn >=4.4.28
• loguru >=0.7.3
• pydantic >=2.12
• pydantic-extra-types >=2.10.5
• pydantic-settings >=2.10.1
• python-dotenv >=1.1.1
• python-slugify >=8.0.4
• piexif >=1.1.3
• pillow >=11.2.1
• opentelemetry-api >=1.41.0
• opentelemetry-sdk >=1.41.0
• opentelemetry-exporter-otlp-proto-http >=1.41.0
• opentelemetry-instrumentation-fastapi >=0.62b0
• opentelemetry-instrumentation-sqlalchemy >=0.62b0
• opentelemetry-instrumentation-httpx >=0.62b0
• mjml >=0.11.1
• ruff >=0.12.1
• ty >=0.0.15
• alembic >=1.16.2
• alembic-postgresql-enum >=1.7.0
• psycopg >=3.2.9
• boto3 >=1.38.0
• openpyxl >=3.1.5
• pandas >=2.3.3
• requests >=2.32.0
• opencv-python >=4.0
• websockets >=14.0
• pytest-asyncio >=1.0.0
• pytest-cov >=6.2.1
• pytest-xdist >=3.5.0
• pytest >=8.4.1
• httpx >=0.27.0
• faker >=33.3.0
• polyfactory >=2.15.0
• pytest-alembic >=0.12.1
• testcontainers >=4.8.2
• fakeredis >=2.25.0
• dirty-equals >=0.8.0
• pytest-mock >=3.14.0

pyproject.toml (3)

• python >=3.14
• commitizen >=4.8.3
• pre-commit >=4.2.0

pre-commit (1)

.pre-commit-config.yaml (8)

• gitleaks/gitleaks v8.30.1
• executablebooks/mdformat 1.0.0
• pre-commit/pre-commit-hooks v6.0.0
• rhysd/actionlint v1.7.12
• shellcheck-py/shellcheck-py v0.11.0.1
• commitizen-tools/commitizen v4.13.9 → [Updates: v4.16.2]
• simonvanlierde/check-json5 v1.1.0
• astral-sh/uv-pre-commit 0.11.1 → [Updates: 0.11.16]

pyenv (1)

backend/.python-version (1)

• python 3.14

---

• Check this box to trigger a request for Renovate to run again on this repository