Dependency Dashboard (self-hosted)

[renovate-gsuquet]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed

See Config Migration PR: #139.

Repository problems

Renovate tried to run on this repository, but found these problems.

• WARN: Package lookup failures

Note

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (1)

Datasource	Name	Last Updated
github-actions	python-semantic-release/upload-to-gh-release	2024-09-27

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release.
Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• fix(deps): update actions/checkout action to v6
• fix(deps): update actions/first-interaction action to v3
• fix(deps): update actions/github-script action to v8
• fix(deps): update actions/labeler action to v6
• fix(deps): update actions/setup-python action to v6
• fix(deps): update actions/stale action to v10
• fix(deps): update codecov/codecov-action action to v5
• fix(deps): update dependency pre-commit/pre-commit to v4
• fix(deps): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
• fix(deps): update github/codeql-action action to v4
• fix(deps): update mcr.microsoft.com/devcontainers/python docker tag to v3
• fix(deps): update python-semantic-release/python-semantic-release action to v10
• 🔐 Create all pending approval PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Failed to look up docker package ghcr.io/devcontainers-contrib/features/pre-commit, Failed to look up docker package ghcr.io/devcontainers-contrib/features/act.

Files affected: .devcontainer/devcontainer.json

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• fix(deps): update codacy/codacy-analysis-cli-action action to v4.4.7
• fix(deps): update python-semantic-release/upload-to-gh-release action to v9.8.9
• fix(deps): update actions/checkout action to v4.3.1
• fix(deps): update actions/dependency-review-action action to v4.8.2
• fix(deps): update actions/download-artifact action to v4.3.0
• fix(deps): update actions/github-script action to v7.1.0
• fix(deps): update actions/setup-python action to v5.6.0
• fix(deps): update actions/stale action to v9.1.0
• fix(deps): update actions/upload-artifact action to v4.6.2
• fix(deps): update codecov/codecov-action action to v4.6.0
• fix(deps): update dependency pre-commit/pre-commit to v3.8.0
• fix(deps): update github/codeql-action action to v3.31.9
• fix(deps): update mcr.microsoft.com/devcontainers/python docker tag to v1.2.8
• fix(deps): update ossf/scorecard-action action to v2.4.3
• fix(deps): update pypa/gh-action-pypi-publish action to v1.13.0
• fix(deps): update python-semantic-release/python-semantic-release action to v9.21.1
• fix(deps): update step-security/harden-runner action to v2.14.0
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

devcontainer

.devcontainer/devcontainer.json

• mcr.microsoft.com/devcontainers/python 1.1.12-3.12-bookworm
• ghcr.io/devcontainers-contrib/features/pre-commit 2
• ghcr.io/guiyomh/features/just 0.1.0
• ghcr.io/devcontainers-contrib/features/act 1
• ghcr.io/devcontainers-contrib/features/actionlint 1
• ghcr.io/devcontainers/features/docker-in-docker 2
• ghcr.io/guiyomh/features/just 0

github-actions

.github/workflows/automation-closer.yml

• actions/stale v9.0.0@28ca1036281a5e5922ead5184a1bbf96e5fc984e
• actions/stale v9.0.0@28ca1036281a5e5922ead5184a1bbf96e5fc984e

.github/workflows/automation-comment-pr.yml

• actions/github-script v7.0.1@60a0d83039c74a4aee543508d2ffcb1c3799cdea
• actions/github-script v7.0.1@60a0d83039c74a4aee543508d2ffcb1c3799cdea

.github/workflows/automation-greeter.yml

• actions/first-interaction v1.3.0@34f15e814fe48ac9312ccf29db4e74fa767cbab7

.github/workflows/automation-labeler.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/labeler v5.0.0@8558fd74291d67161a8a78ce36a881fa63b766a9

.github/workflows/deployment-python-pypi.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• python-semantic-release/python-semantic-release v9.8.6@dec06aa649fddae6610bc64878868498bfcbad7b
• pypa/gh-action-pypi-publish v1.9.0@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0
• python-semantic-release/upload-to-gh-release v9.8.6@0dcddac3ba7b691d7a3fd4586b640d7b214a0016

.github/workflows/deployment-s3.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/workflows/integration-commit-validator.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c

.github/workflows/integration-linter-pre-commit.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-python v5.1.1@39cd14951b08e74b54015e9e001cdefcf80e669f

.github/workflows/integration-modification-script.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/integration-python.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-python v5.1.1@39cd14951b08e74b54015e9e001cdefcf80e669f
• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-python v5.1.1@39cd14951b08e74b54015e9e001cdefcf80e669f
• codecov/codecov-action v4.5.0@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673

.github/workflows/security-codacy.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• codacy/codacy-analysis-cli-action v4.4.5@97bf5df3c09e75f5bcd72695998f96ebd701846e
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a

.github/workflows/security-codeql.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a

.github/workflows/security-dependencies.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/dependency-review-action v4.3.4@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c

.github/workflows/security-ossf-scorecard.yml

• step-security/harden-runner v2.9.0@0d381219ddf674d61a7572ddd19d7941e271515c
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• ossf/scorecard-action v2.3.3@dc50aa9510b46c811795eb24b2f1ba02a914e534
• actions/upload-artifact v4.3.4@0b2256b8c012f0828dc542b3febcab082c67f72b
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a

regex

.github/workflows/integration-linter-pre-commit.yml

• pre-commit/pre-commit 3.7.1

README.md

renovate-config-presets

.github/renovate.json