Configure Renovate to Update Dependencies in Dockerfiles

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• .templates/new-scanner/parser/Dockerfile (dockerfile)
• auto-discovery/cloud-aws/Dockerfile (dockerfile)
• auto-discovery/kubernetes/Dockerfile (dockerfile)
• auto-discovery/kubernetes/pull-secret-extractor/Dockerfile (dockerfile)
• demo-targets/dummy-ssh/container/Dockerfile (dockerfile)
• demo-targets/old-joomla/container/Dockerfile (dockerfile)
• demo-targets/old-typo3/container/Dockerfile (dockerfile)
• demo-targets/old-wordpress/container/Dockerfile (dockerfile)
• demo-targets/unsafe-https/container/Dockerfile (dockerfile)
• documentation/docs/contributing/integrating-a-hook/dockerfile.md (dockerfile)
• hook-sdk/nodejs/Dockerfile (dockerfile)
• hooks/cascading-scans/hook/Dockerfile (dockerfile)
• hooks/finding-post-processing/hook/Dockerfile (dockerfile)
• hooks/generic-webhook/hook/Dockerfile (dockerfile)
• hooks/notification/hook/Dockerfile (dockerfile)
• hooks/persistence-azure-monitor/hook/Dockerfile (dockerfile)
• hooks/persistence-defectdojo/hook/Dockerfile (dockerfile)
• hooks/persistence-dependencytrack/hook/Dockerfile (dockerfile)
• hooks/persistence-elastic/dashboard-importer/Dockerfile (dockerfile)
• hooks/persistence-elastic/hook/Dockerfile (dockerfile)
• hooks/update-field-hook/hook/Dockerfile (dockerfile)
• lurker/Dockerfile (dockerfile)
• operator/Dockerfile (dockerfile)
• parser-sdk/nodejs/Dockerfile (dockerfile)
• scanners/ffuf/parser/Dockerfile (dockerfile)
• scanners/ffuf/scanner/Dockerfile (dockerfile)
• scanners/git-repo-scanner/parser/Dockerfile (dockerfile)
• scanners/git-repo-scanner/scanner/Dockerfile (dockerfile)
• scanners/gitleaks/parser/Dockerfile (dockerfile)
• scanners/kube-hunter/parser/Dockerfile (dockerfile)
• scanners/kube-hunter/scanner/Dockerfile (dockerfile)
• scanners/ncrack/parser/Dockerfile (dockerfile)
• scanners/ncrack/scanner/Dockerfile (dockerfile)
• scanners/nikto/parser/Dockerfile (dockerfile)
• scanners/nikto/scanner/Dockerfile (dockerfile)
• scanners/nmap/parser/Dockerfile (dockerfile)
• scanners/nmap/scanner/Dockerfile (dockerfile)
• scanners/nuclei/parser/Dockerfile (dockerfile)
• scanners/screenshooter/parser/Dockerfile (dockerfile)
• scanners/screenshooter/scanner/Dockerfile (dockerfile)
• scanners/semgrep/parser/Dockerfile (dockerfile)
• scanners/ssh-audit/parser/Dockerfile (dockerfile)
• scanners/ssh-audit/scanner/Dockerfile (dockerfile)
• scanners/sslyze/parser/Dockerfile (dockerfile)
• scanners/sslyze/scanner/Dockerfile (dockerfile)
• scanners/subfinder/parser/Dockerfile (dockerfile)
• scanners/test-scan/parser/Dockerfile (dockerfile)
• scanners/test-scan/scanner/Dockerfile (dockerfile)
• scanners/trivy-sbom/parser/Dockerfile (dockerfile)
• scanners/trivy/parser/Dockerfile (dockerfile)
• scanners/whatweb/parser/Dockerfile (dockerfile)
• scanners/whatweb/scanner/Dockerfile (dockerfile)
• scanners/wpscan/parser/Dockerfile (dockerfile)
• scanners/wpscan/scanner/Dockerfile (dockerfile)
• scanners/zap-automation-framework/parser/Dockerfile (dockerfile)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Use curated list of recommended non-monorepo package groupings.
• Disable Renovate Dependency Dashboard creation.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 9 Pull Requests:

Update golang Docker tag to v1.24.6

• Schedule: ["at any time"]
• Branch name: renovate/golang-1.x
• Merge into: main
• Upgrade golang to 1.24.6

Update alpine Docker tag to v3.22

• Schedule: ["at any time"]
• Branch name: renovate/alpine-3.x
• Merge into: main
• Upgrade alpine to 3.22

Update debian Docker tag to v12.11

• Schedule: ["at any time"]
• Branch name: renovate/debian-12.x
• Merge into: main
• Upgrade debian to 12.11

Update martinhelmich/typo3 Docker tag to v9.5

• Schedule: ["at any time"]
• Branch name: renovate/martinhelmich-typo3-9.x
• Merge into: main
• Upgrade martinhelmich/typo3 to 9.5

Update nginx Docker tag to v1.29

• Schedule: ["at any time"]
• Branch name: renovate/nginx-1.x
• Merge into: main
• Upgrade nginx to 1.29-alpine

Update martinhelmich/typo3 Docker tag to v13

• Schedule: ["at any time"]
• Branch name: renovate/martinhelmich-typo3-13.x
• Merge into: main
• Upgrade martinhelmich/typo3 to 13.4

Update php Docker tag to v8

• Schedule: ["at any time"]
• Branch name: renovate/php-8.x
• Merge into: main
• Upgrade php to 8.4-apache

Update ubuntu Docker tag to v24

• Schedule: ["at any time"]
• Branch name: renovate/ubuntu-24.x
• Merge into: main
• Upgrade ubuntu to 24.04

Update wordpress Docker tag to v6

• Schedule: ["at any time"]
• Branch name: renovate/wordpress-6.x
• Merge into: main
• Upgrade wordpress to 6

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for docs-securecodebox canceled.

Name	Link
🔨 Latest commit	7b5a022
🔍 Latest deploy log	https://app.netlify.com/projects/docs-securecodebox/deploys/68944ec753564200082de233

[github-actions]

🦙 MegaLinter status: ✅ SUCCESS

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time

See detailed report in MegaLinter reports
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud