Dependency Dashboard #178
Description
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
Config Migration Needed
- Select this checkbox to let Renovate create an automated Config Migration PR.
Repository Problems
Renovate tried to run on this repository, but found these problems.
⚠️ WARN: Some upgrade(s) did not have a releaseTimestamp, but as we're running with minimumReleaseAgeBehaviour=timestamp-optional, proceeding. See debug logs for more information
Deprecations / Replacements
Warning
These dependencies are either deprecated or have replacements available:
| Datasource | Name | Replacement PR? |
|---|---|---|
| github-actions | google-github-actions/release-please-action |
 |
PR Edited (Blocked)
The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
- fix(deps): update dependency org.apache.logging.log4j:log4j-core to v2.25.3 [security]
- fix(deps): update all dependencies j:cdx-227 (
actions/checkout,actions/setup-java,google-github-actions/release-please-action,step-security/harden-runner,org.apache.maven:maven-model,commons-codec:commons-codec,org.mockito:mockito-core,org.apache.maven.plugins:maven-source-plugin) - fix(deps): update all dependencies j:cdx-227 (major) (
@actions/core,@commitlint/config-conventional,@octokit/auth-app,actions/checkout,actions/setup-java,actions/setup-node,actions/upload-artifact,com.diffplug.spotless:spotless-maven-plugin,io.github.resilience4j:resilience4j-retry) - Click on this checkbox to rebase all open PRs at once
Detected Dependencies
github-actions (7)
.github/workflows/build.yml (3)
step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a→ [Updates:v2.14.0]actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955→ [Updates:v4.3.1,v6.0.1]actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00→ [Updates:v4.8.0,v5.1.0].github/workflows/codeql.yml (1)
coveo/public-actions main.github/workflows/dependency-review.yml (1)
coveo/public-actions main.github/workflows/maven-publish.yml (3)
step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a→ [Updates:v2.14.0]actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955→ [Updates:v4.3.1,v6.0.1]actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00→ [Updates:v4.8.0,v5.1.0].github/workflows/pr-title-semantic-lint.yml (2)
step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a→ [Updates:v2.14.0]actions/checkout v4@08eba0b27e820071cde6df949e0beb9ba4906955→ [Updates:v6,v4].github/workflows/release.yml (6)
step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a→ [Updates:v2.14.0]actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955→ [Updates:v4.3.1,v6.0.1]actions/setup-node v4.4.0@49933ea5288caeca8642d1e84afbd3f7d6820020→ [Updates:v6.1.0]actions/setup-java v4.7.1@c5195efecf7bdfc987ee8bae7a71cb8b11521c00→ [Updates:v4.8.0,v5.1.0]google-github-actions/release-please-action v4.1.1@e4dc86ba9405554aeba3c6bb2d169500e7d3b4ee→ [Updates:v4.1.1]node 18.github/workflows/scorecards.yml (5)
step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a→ [Updates:v2.14.0]actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955→ [Updates:v4.3.1,v6.0.1]ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205aactions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02→ [Updates:v6.0.0]github/codeql-action v3.26.13@f779452ac5af1c261dce0346a8f964149f49322b→ [Updates:v3.31.9,v4.31.9]
maven (1)
pom.xml (13)
org.apache.maven.plugins:maven-source-plugin 3.3.1→ [Updates:3.4.0]com.diffplug.spotless:spotless-maven-plugin 2.46.1→ [Updates:3.1.0]org.apache.maven.plugins:maven-javadoc-plugin 3.12.0org.apache.maven.plugins:maven-gpg-plugin 3.2.8org.apache.logging.log4j:log4j-core 2.25.2→ [Updates:2.25.3]com.google.code.gson:gson 2.13.2io.github.cdimascio:dotenv-java 3.2.0joda-time:joda-time 2.14.0org.mockito:mockito-core 5.20.0→ [Updates:5.21.0]junit:junit 4.13.2commons-codec:commons-codec 1.19.0→ [Updates:1.20.0]io.github.resilience4j:resilience4j-retry 1.7.1→ [Updates:2.3.0]org.apache.maven:maven-model 3.9.11→ [Updates:3.9.12]
npm (1)
package.json (3)
@actions/core ^1.10.0→ [Updates:^2.0.0]@commitlint/config-conventional 19.8.1→ [Updates:20.3.1]@octokit/auth-app ^7.0.0→ [Updates:^8.0.0]
renovate-config-presets (1)
renovate.json