Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

See Config Migration PR: #343.

Repository Problems

These problems occurred while renovating this repository. View logs.

• ⚠️ WARN: Found renovate config warnings

Deprecations / Replacements

Warning

These dependencies are either deprecated or have replacements available:

Datasource	Package	Replacement PR?
npm	npm-run-all
npm	request

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (7)

Datasource	Package	Last Updated
npm	@hapi/boom	2023-02-11
npm	acorn-jsx	2021-07-09
npm	eslint-config-airbnb	2021-12-25
npm	eslint-plugin-jsx-a11y	2024-10-26
npm	eslint-plugin-react	2025-04-03
npm	fastify-healthcheck	2024-11-09
npm	npm-run-all	2018-11-24

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• chore(deps): update actions/checkout action to v6
• chore(deps): update actions/setup-node action to v6
• chore(deps): update cycjimmy/semantic-release-action action to v6
• chore(deps): update dependency chai to v6
• chore(deps): update dependency chai-as-promised to v8
• chore(deps): update dependency chai-http to v5
• chore(deps): update dependency eslint to v10
• chore(deps): update dependency espree to v11
• chore(deps): update dependency mocha to v11
• chore(deps): update dependency nyc to v18
• chore(deps): update docker/build-push-action action to v7
• chore(deps): update docker/login-action action to v4
• chore(deps): update docker/metadata-action action to v6
• chore(deps): update docker/setup-buildx-action action to v4
• chore(deps): update docker/setup-qemu-action action to v4
• chore(deps): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
• chore(deps): update github/codeql-action action to v4
• chore(deps): update node.js to v20
• chore(deps): update node.js to v22
• chore(deps): update node.js to v24
• fix(deps): update dependency @fastify/helmet to v13
• fix(deps): update dependency @fastify/swagger to v9
• fix(deps): update dependency fastify to v5
• fix(deps): update dependency fastify-healthcheck to v5
• fix(deps): update dependency uuid to v13
• 🔐 Create all pending approval PRs at once 🔐

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): pin dependencies (ShiftLeftSecurity/scan-action, sonarsource/sonarcloud-github-action)
• chore(deps): update actions/download-artifact action to v3.1.0
• chore(deps): update actions/setup-node action to v3.9.1
• chore(deps): update actions/upload-artifact action to v3.2.2
• chore(deps): update dependency acorn to v8.16.0
• chore(deps): update dependency chai to v4.5.0
• chore(deps): update dependency mocha to v10.8.2
• chore(deps): update docker/build-push-action action to v4.2.1
• chore(deps): update docker/setup-buildx-action action to v2.10.0
• chore(deps): update github/codeql-action action to v2.28.1
• chore(deps): update linters (minor) (eslint, eslint-plugin-import, eslint-plugin-jsx-a11y, eslint-plugin-react)
• chore(deps): update node.js to v18.19.0
• chore(deps): update reviewdog/action-eslint action to v1.34.0
• chore(deps): update reviewdog/action-hadolint action to v1.50.5
• chore(deps): update supercharge/mongodb-github-action action to v1.12.1
• chore(deps): update zaproxy/action-api-scan action to v0.10.0
• fix(deps): update dependency @fastify/swagger to v8.15.0
• fix(deps): update dependency fastify to v4.29.1
• fix(deps): update dependency winston to v3.19.0
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• fix(deps): update dependency lodash to v4.18.1

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• fix(deps): update dependency mongoose to v6 [security]
• chore(deps): replace dependency npm-run-all with npm-run-all2 5.0.0
• chore(deps): update mongo docker digest to f071cbf
• chore(deps): update actions/setup-node action to v3.8.2
• chore(deps): update dependency chai-as-promised to v7.1.2
• chore(deps): update reviewdog/action-hadolint action to v1.35.1
• fix(deps): update dependency fastify to v4.24.3
• fix(deps): update dependency lodash to v4.17.23
• chore(deps): update actions/checkout action to v3.6.0
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

docker-compose (1)

docker-compose.yml (2)

• timoa/nodejs-encryption-api-example latest@sha256:33cac806d192b0c025adb464d0dae158785b13ade8826a34ca4d08a8f6a19b61
• mongo sha256:d341a86584b96eb665345a8f5b35fba8695ee1d0618fd012ec4696223a3d6c62 → [Updates: undefined]

dockerfile (1)

Dockerfile (1)

• node 18.17.1-alpine3.17@sha256:7186663f5c94e0f5e389304c748a2d5b5e5f8c941d305c3bae4f68a70b264261 → [Updates: 18.19.0-alpine3.17, 20.10.0-alpine3.17]

github-actions (3)

.github/workflows/code-review.yml (4)

• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• reviewdog/action-eslint v1.19.2@f2ee6727e05e6f0e46ea1d06a16f6685d3d7fb37 → [Updates: v1.34.0]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• reviewdog/action-hadolint v1.35.0@7bd0800b7ce35c6d644cde762174e69f18896973 → [Updates: v1.35.1, v1.50.5]

.github/workflows/codeql-analysis.yml (4)

• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• github/codeql-action v2.21.9@ddccb873888234080b77e9bc2d4764d5ccaaccf9 → [Updates: v2.28.1, v4.34.1]
• github/codeql-action v2.21.9@ddccb873888234080b77e9bc2d4764d5ccaaccf9 → [Updates: v2.28.1, v4.34.1]
• github/codeql-action v2.21.9@ddccb873888234080b77e9bc2d4764d5ccaaccf9 → [Updates: v2.28.1, v4.34.1]

.github/workflows/nodejs.yml (25)

• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• actions/setup-node v3.8.1@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d → [Updates: v3.8.2, v3.9.1, v6.3.0]
• supercharge/mongodb-github-action 1.7.0@e815fd8a9dfede09fd6e6c144f2c9f4875e933df → [Updates: 1.12.1]
• actions/upload-artifact v3.1.3@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 → [Updates: v3.2.2, v7.0.0]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• actions/download-artifact v3.0.2@9bc31d5ccc31df68ecc42ccf4149144866c47d8a → [Updates: v3.1.0, v8.0.1]
• sonarsource/sonarcloud-github-action master → [Updates: master]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• ShiftLeftSecurity/scan-action master → [Updates: master]
• actions/upload-artifact v3.1.3@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 → [Updates: v3.2.2, v7.0.0]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• actions/setup-node v3.8.1@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d → [Updates: v3.8.2, v3.9.1, v6.3.0]
• supercharge/mongodb-github-action 1.7.0@e815fd8a9dfede09fd6e6c144f2c9f4875e933df → [Updates: 1.12.1]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• actions/setup-node v3.8.1@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d → [Updates: v3.8.2, v3.9.1, v6.3.0]
• supercharge/mongodb-github-action 1.7.0@e815fd8a9dfede09fd6e6c144f2c9f4875e933df → [Updates: 1.12.1]
• zaproxy/action-api-scan v0.3.1@d7eab41e224d7427459ca0a3b7523ba7b98f3ccc → [Updates: v0.10.0]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• cycjimmy/semantic-release-action v3.4.2@8e58d20d0f6c8773181f43eb74d6a05e3099571d → [Updates: v6.0.0]
• actions/checkout v3.5.3@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 → [Updates: v3.6.0, v6.0.2]
• docker/metadata-action v4.6.0@818d4b7b91585d195f67373fd9cb0332e31a7175 → [Updates: v6.0.0]
• docker/setup-qemu-action v2.2.0@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 → [Updates: v4.0.0]
• docker/setup-buildx-action v2.9.1@4c0219f9ac95b02789c1075625400b2acbff50b1 → [Updates: v2.10.0, v4.0.0]
• docker/login-action v2.2.0@465a07811f14bebb1938fbed4728c6a1ff8901fc → [Updates: v4.0.0]
• docker/build-push-action v4.1.1@2eb1c1961a95fc15694676618e422e8ba1d63825 → [Updates: v4.2.1, v7.0.0]

npm (1)

package.json (26)

• @fastify/helmet 10.1.1 → [Updates: 13.0.2]
• @fastify/swagger 8.11.0 → [Updates: 8.15.0, 9.7.0]
• @hapi/boom 10.0.1
• fastify 4.24.1 → [Updates: 4.24.3, 4.29.1, 5.8.4]
• fastify-healthcheck 4.4.0 → [Updates: 5.1.0]
• lodash 4.17.21 → [Updates: 4.17.23, 4.18.1]
• mongoose 5.13.20 → [Updates: 6.13.6]
• uuid 8.3.2 → [Updates: 13.0.0]
• winston 3.10.0 → [Updates: 3.19.0]
• acorn 8.10.0 → [Updates: 8.16.0]
• acorn-jsx 5.3.2
• chai 4.3.10 → [Updates: 4.5.0, 6.2.2]
• chai-as-promised 7.1.1 → [Updates: 7.1.2, 8.0.2]
• chai-http 4.4.0 → [Updates: 5.1.2]
• eslint 8.51.0 → [Updates: 8.57.1, 10.1.0]
• eslint-config-airbnb 19.0.4
• eslint-plugin-import 2.28.1 → [Updates: 2.32.0]
• eslint-plugin-jsx-a11y 6.7.1 → [Updates: 6.10.2]
• eslint-plugin-react 7.33.2 → [Updates: 7.37.5]
• espree 9.6.1 → [Updates: 11.2.0]
• mocha 10.2.0 → [Updates: 10.8.2, 11.7.5]
• npm-run-all 4.1.5 → [Updates: 5.0.0]
• nyc 15.1.0 → [Updates: 18.0.0]
• request 2.88.2
• node >=18.0
• npm >=8.6.0

nvm (1)

.nvmrc (1)

• node 18 → [Updates: 20, 22, 24]

renovate-config-presets (1)

.github/renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository