Dependency Dashboard

[renovate-sh-app]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Package lookup failures

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (2)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
cargo	pretty_env_logger	2023-05-18
github-actions	robinraju/release-downloader	2025-03-06

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update rust crate pyroscope to v2.0.1

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package actions/setup-python), Could not determine new digest for update (github-tags package actions/download-artifact), Could not determine new digest for update (github-tags package robinraju/release-downloader).

Files affected: .github/workflows/ci.yml, .github/workflows/publish.yml, .github/workflows/release.yml

---

Other Branches

The following updates are pending. To force the creation of a PR, click on a checkbox below.

• chore(deps): pin dependencies (quay.io/pypa/manylinux2014_x86_64, quay.io/pypa/musllinux_1_2_x86_64)

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update googleapis/release-please-action digest to 5c625bf
• chore(deps): update actions/upload-artifact action to v7.0.1
• chore(deps): update rust crate libc to v0.2.185
• chore(deps): update softprops/action-gh-release action to v2.6.2
• chore(deps): update softprops/action-gh-release action to v3
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

cargo (1)

rust/Cargo.toml (5)

• pyroscope 2.0.0 → [Updates: 2.0.0]
• py-spy 5f1661d
• pretty_env_logger 0.5
• log 0.4
• libc 0.2 → [Updates: 0.2]

dockerfile (2)

docker/wheel-musllinux.Dockerfile (2)

• docker/dockerfile 1.23@sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769
• quay.io/pypa/musllinux_1_2_x86_64 unknown version → [Updates: undefined]

docker/wheel.Dockerfile (2)

• docker/dockerfile 1.23@sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769
• quay.io/pypa/manylinux2014_x86_64 unknown version → [Updates: undefined]

github-actions (6)

.github/workflows/ci-rust.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/ci.yml (15)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python 6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact 8.0.1@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python 6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python 6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• python 3.11
• python 3.10
• python 3.11

.github/workflows/pr-title-check.yml

.github/workflows/publish.yml (2)

• robinraju/release-downloader 1.12@daf26c55d821e836577a15f77d86ddc078948b05
• pypa/gh-action-pypi-publish v1.14.0@cef221092ed1bacb1cc03d23a2d87d1d172e277b

.github/workflows/release-please.yml (2)

• googleapis/release-please-action v4@16a9c90856f42705d54a6fda1823352bdc62cf38 → [Updates: v4]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/release.yml (15)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• softprops/action-gh-release v2.6.1@153bb8e04406b158c6c84fc1615b65b24149a1fe → [Updates: v2.6.2, v3.0.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python 6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• softprops/action-gh-release v2.6.1@153bb8e04406b158c6c84fc1615b65b24149a1fe → [Updates: v2.6.2, v3.0.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python 6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7.0.1]
• softprops/action-gh-release v2.6.1@153bb8e04406b158c6c84fc1615b65b24149a1fe → [Updates: v2.6.2, v3.0.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• softprops/action-gh-release v2.6.1@153bb8e04406b158c6c84fc1615b65b24149a1fe → [Updates: v2.6.2, v3.0.0]
• python 3.11
• python 3.10

poetry (1)

pyproject.toml (1)

• cffi >=2.0.0,<3.0.0

regex (2)

docker/wheel-musllinux.Dockerfile (1)

• openssl/openssl 3.5.6 → [Updates: 3.6.2, 4.0.0]

docker/wheel.Dockerfile (1)

• openssl/openssl 3.5.6 → [Updates: 3.6.2, 4.0.0]

---

Need help?

You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section.