Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update github actions (TriPSs/conventional-changelog-action, aquasecurity/trivy-action, aws-actions/amazon-ecr-login, aws-actions/configure-aws-credentials, bcgov-nr/action-get-pr, bcgov/quickstart-openshift-helpers, grafana/run-k6-action, grafana/setup-k6-action, softprops/action-gh-release)
• chore(deps): update infrastructure updates (caddy, node)
• chore(deps): update dependency @types/supertest to v7
• chore(deps): update dependency jsdom to v29
• chore(deps): update dependency typescript to v6
• chore(deps): update github actions (major) (docker/login-action, hashicorp/setup-terraform, shrink/actions-docker-registry-tag, softprops/action-gh-release)
• fix(deps): update dependency @vitejs/plugin-react to v6
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package aquasecurity/trivy-action).

Files affected: .github/workflows/.tests.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency @nestjs/core to v11.1.18 [security]
• chore(deps): update dependency vite to v7.3.2 [security]
• chore(deps): update dependency axios to v1.15.0 [security]
• chore(deps): update dependency lodash to v4.18.1 [security]
• fix(deps): update node dependencies (@bcgov/design-system-react-components, @swc/cli, node)
• chore(deps): update linters (major) (@eslint/js, eslint, eslint-plugin-cypress)
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• fix(deps): update prisma monorepo to v7 (major) (@prisma/client, prisma)

Detected Dependencies

docker-compose (1)

docker-compose.yml (3)

• postgis/postgis 17-3.5
• flyway/flyway 12-alpine
• schemaspy/schemaspy 7.0.2

dockerfile (3)

backend/Dockerfile (2)

• node 24.13.1-slim → [Updates: 24.15.0-slim]
• node 24.13.1-slim → [Updates: 24.15.0-slim]

frontend/Dockerfile (2)

• node 24-slim
• caddy 2.10.2-alpine → [Updates: 2.11.2-alpine]

migrations/Dockerfile (1)

• flyway/flyway 12-alpine

github-actions (14)

.github/workflows/.builds.yml (2)

• bcgov/action-builder-ghcr v4.2.1@2b24ac7f95e6a019064151498660437cca3202c5
• ubuntu 24.04

.github/workflows/.deploy_stack.yml (9)

• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• aws-actions/amazon-ecr-login v2@062b18b96a7aff071d4dc91bc00c4c1a7945b076 → [Updates: v2]
• docker/login-action v3 → [Updates: v4]
• actions/checkout v6
• actions/setup-node v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• ubuntu 24.04
• ubuntu 24.04
• node 24

.github/workflows/.deployer.yml (5)

• actions/checkout v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• hashicorp/setup-terraform v3@b9cd54a3c349d3f38e8881555d616ced269862dd → [Updates: v4]
• autero1/action-terragrunt v3@aefb0a43c4f5503a91fefb307745c4d51c26ed0e
• ubuntu 24.04

.github/workflows/.e2e.yml (5)

• actions/checkout v6
• actions/cache v5
• actions/setup-node v6
• ubuntu 24.04
• node 24

.github/workflows/.load-test.yml (4)

• actions/checkout v6
• grafana/setup-k6-action v1@ffe7d7290dfa715e48c2ccc924d068444c94bde2 → [Updates: v1]
• grafana/run-k6-action v1@a15e2072ede004e8d46141e33d7f7dad8ad08d9d → [Updates: v1]
• ubuntu 24.04

.github/workflows/.stack-prefix.yml (2)

• actions/checkout v6
• ubuntu 24.04

.github/workflows/.tests.yml (9)

• bcgov/action-test-and-analyse v2.0.0@8f699e3fd3fadd9a6adf6f4b1f2638ef7ecfefb9
• bcgov/action-test-and-analyse v2.0.0@8f699e3fd3fadd9a6adf6f4b1f2638ef7ecfefb9
• actions/checkout v6
• aquasecurity/trivy-action 0.34.0@c1824fd6edce30d7ab345a9989de00bbd46ef284 → [Updates: v0.36.0]
• github/codeql-action v4
• postgis/postgis 17-3.5
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/merge.yml (6)

• bcgov-nr/action-get-pr v0.1.0@35514fa1d4765547da319e967b509363598e8b46 → [Updates: v0.1.1]
• shrink/actions-docker-registry-tag v4@f04afd0559f66b288586792eb150f45136a927fa → [Updates: v5]
• shrink/actions-docker-registry-tag v4@f04afd0559f66b288586792eb150f45136a927fa → [Updates: v5]
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/pause-resources.yml (6)

• actions/checkout v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• actions/checkout v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/pr-close.yml (2)

• actions/checkout v6
• ubuntu 24.04

.github/workflows/pr-open.yml (1)

• ubuntu 24.04

.github/workflows/pr-validate.yml (2)

• bcgov/quickstart-openshift-helpers v1.0.1@6d695dd755fa9255ea4bde335890516beb6f95e4 → [Updates: v1.1.0]
• ubuntu 24.04

.github/workflows/release.yml (7)

• actions/checkout v6
• TriPSs/conventional-changelog-action v6@84dadaf2c367cb52af02737cd9c7e888807219e7 → [Updates: v6]
• shrink/actions-docker-registry-tag v4@f04afd0559f66b288586792eb150f45136a927fa → [Updates: v5]
• softprops/action-gh-release v2@a06a81a03ee405af7f2048a818ed3f03bbf83c7b → [Updates: v3, v2]
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/resume-resources.yml (6)

• actions/checkout v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• actions/checkout v6
• aws-actions/configure-aws-credentials v6@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 → [Updates: v6]
• ubuntu 24.04
• ubuntu 24.04

npm (3)

backend/package.json (48)

• @nestjs/cli ^11.0.0
• @nestjs/common ^11.0.0
• @nestjs/config ^4.0.0
• @nestjs/core ^11.0.0 → [Updates: ^11.0.0]
• @nestjs/platform-express ^11.0.0
• @nestjs/schematics ^11.0.0
• @nestjs/swagger ^11.0.0
• @nestjs/terminus ^11.0.0
• @nestjs/testing ^11.0.0
• @prisma/client ^6.1.0 → [Updates: ^7.0.0]
• express-prom-bundle ^8.0.0
• helmet ^8.0.0
• nest-winston ^1.9.7
• pg ^8.13.1
• prisma ^6.1.0 → [Updates: ^7.0.0]
• prom-client ^15.1.3
• reflect-metadata ^0.2.2
• rimraf ^6.0.1
• swagger-ui-express ^5.0.1
• winston ^3.17.0
• @eslint/eslintrc ^3.2.0
• @eslint/js ^9.15.0 → [Updates: ^10.0.0]
• @swc/cli ^0.7.0 → [Updates: ^0.8.0]
• @swc/core ^1.9.1
• @types/express ^5.0.0
• @types/node ^24.0.0
• @types/supertest ^6.0.0 → [Updates: ^7.0.0]
• @typescript-eslint/eslint-plugin ^8.16.0
• @typescript-eslint/parser ^8.16.0
• @vitest/coverage-v8 ^4.0.0
• eslint ^9.16.0 → [Updates: ^10.0.0]
• eslint-config-prettier ^10.0.0
• eslint-plugin-prettier ^5.2.1
• globals ^17.0.0
• istanbul-badges-readme ^1.9.0
• prettier ^3.0.3
• source-map-support ^0.5.21
• supertest ^7.0.0
• ts-loader ^9.5.0
• ts-node ^10.9.1
• tsconfig-paths ^4.2.0
• typescript ^5.2.2 → [Updates: ^6.0.0]
• unplugin-swc ^1.5.1
• vite-tsconfig-paths ^6.0.0
• vitest ^4.0.0
• vitest-sonar-reporter ^3.0.0
• node 24.13.0 → [Updates: 24.15.0]
• reflect-metadata ^0.2.2

frontend/package.json (47)

• @bcgov/bc-sans ^2.1.0
• @bcgov/design-system-react-components ^0.6.0 → [Updates: ^0.7.0]
• @popperjs/core ^2.11.8
• @tanstack/react-router ^1.114.12
• @tanstack/router-plugin ^1.114.27
• @types/node ^24.0.0
• @vitejs/plugin-react ^5.0.0 → [Updates: ^6.0.0]
• axios ^1.7.7 → [Updates: ^1.7.7]
• bootstrap ^5.3.3
• bootstrap-icons ^1.11.3
• react ^19.0.0
• react-bootstrap ^2.10.9
• react-dom ^19.0.0
• sass-embedded ^1.86.0
• vite ^7.0.0 → [Updates: ^7.0.0]
• vite-tsconfig-paths ^6.0.0
• @faker-js/faker ^10.0.0
• @playwright/test ^1.51.0
• @tanstack/react-router-devtools ^1.114.13
• @testing-library/jest-dom ^6.0.0
• @testing-library/react ^16.0.0
• @testing-library/user-event ^14.4.3
• @types/react ^19.0.10
• @types/react-dom ^19.0.4
• @vitest/coverage-v8 ^4.0.0
• @vitest/ui ^4.0.0
• @eslint/eslintrc ^3.2.0
• @eslint/js ^9.15.0 → [Updates: ^10.0.0]
• @typescript-eslint/eslint-plugin ^8.16.0
• @typescript-eslint/parser ^8.16.0
• eslint ^9.16.0 → [Updates: ^10.0.0]
• eslint-config-prettier ^10.0.0
• eslint-plugin-cypress ^5.0.0 → [Updates: ^6.0.0]
• eslint-plugin-html ^8.1.2
• eslint-plugin-prettier ^5.2.1
• eslint-plugin-react ^7.37.4
• eslint-plugin-react-hooks ^7.0.0
• eslint-plugin-tsdoc ^0.5.0
• globals ^17.0.0
• history ^5.3.0
• jsdom ^28.0.0 → [Updates: ^29.0.0]
• msw ^2.7.3
• playwright ^1.51.0
• prettier ^3.5.3
• sass ^1.85.1
• typescript ^5.7.3 → [Updates: ^6.0.0]
• vitest ^4.0.0

tests/integration/package.json (4)

• axios ^1.6.8 → [Updates: ^1.6.8]
• dotenv ^17.0.0
• js-yaml ^4.1.0
• lodash ^4.17.21 → [Updates: ^4.17.21]

renovate-config (1)

renovate.json

terraform (5)

infra/main.tf

infra/modules/api/main.tf (7)

• aws ~> 6.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0

infra/modules/database/main.tf (3)

• terraform-aws-modules/rds-aurora/aws 10.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0

infra/modules/frontend/main.tf (7)

• aws ~> 6.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0
• github.com/bcgov/quickstart-aws-helpers v0.2.0

infra/providers.tf (2)

• aws ~> 6.0
• hashicorp/terraform >= 1.12

terragrunt (4)

terragrunt/dev/terragrunt.hcl

terragrunt/prod/terragrunt.hcl

terragrunt/terragrunt.hcl

terragrunt/test/terragrunt.hcl

---

• Check this box to trigger a request for Renovate to run again on this repository