Dependency Dashboard

[Renovate-Bot-PedroPombeiro]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (24)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
bundler	capybara	2024-01-27
bundler	dartsass-rails	2024-07-30
bundler	debugbar	2025-02-04
bundler	derailed_benchmarks	2024-10-15
bundler	erb_lint	2025-01-20
bundler	gemoji	2023-03-29
bundler	geokit	2023-01-24
bundler	graphlient	2024-01-06
bundler	htmlcompressor	2017-12-28
bundler	jsbundling-rails	2024-07-29
bundler	local_time	2025-03-13
bundler	puma_worker_killer	2024-07-22
bundler	rails-controller-testing	2020-06-23
bundler	retries	2013-03-19
bundler	rubocop-rails-omakase	2025-02-25
bundler	simplecov	2022-12-23
bundler	stimulus-rails	2024-08-17
bundler	stub_env	2015-08-20
npm	@hotwired/stimulus	2023-08-07
npm	@popperjs/core	2023-05-26
npm	bootstrap-icons	2025-05-10
npm	chartjs-plugin-datalabels	2022-12-10
npm	flag-icons	2025-05-29
npm	local-time	2025-03-13

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): lock file maintenance

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• fix(deps): update npm dependencies - automerge (@fortawesome/fontawesome-free, @hotwired/turbo-rails, @types/node, @typescript-eslint/eslint-plugin, @typescript-eslint/parser, autoprefixer, chartjs-plugin-trendline, esbuild, eslint, eslint-plugin-prettier, nodemon, postcss, prettier, sass, typescript, yarn)

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• chore(deps): update dependency connection_pool to v3
• chore(deps): update ruby docker tag to v4

Detected Dependencies

bundler (1)

Gemfile (67)

• rails "~> 8.1.1"
• propshaft lock file @ 1.3.2
• sqlite3 ">= 2.1"
• pg "~> 1.5"
• puma "~> 8"
• puma_worker_killer lock file @ 1.0.0
• turbo-rails lock file @ 2.0.23
• stimulus-rails lock file @ 1.3.4
• jsbundling-rails "~> 1.3"
• jbuilder lock file @ 2.15.1
• redis ">= 4.0.1"
• solid_cache lock file @ 1.0.10
• solid_queue lock file @ 1.4.0
• solid_cable lock file @ 4.0.0
• bootsnap lock file @ 1.24.5
• kamal lock file @ 2.11.0
• thruster lock file @ 0.1.21
• httplog lock file @ 1.8.0
• rack-attack lock file @ 6.8.0
• htmlcompressor lock file @ 0.4.0
• connection_pool "< 3" → [Updates: "< 4"]
• derailed_benchmarks lock file @ 2.2.1
• debug lock file @ 1.11.1
• brakeman lock file @ 8.0.4
• rubocop-rails-omakase lock file @ 1.1.0
• standard lock file @ 1.54.0
• standard-rails lock file @ 1.6.0
• erb_lint lock file @ 0.9.0
• rspec-rails "~> 8.0.0"
• factory_bot "~> 6.5"
• factory_bot_rails "~> 6.4"
• web-console lock file @ 4.3.0
• debugbar lock file @ 0.4.3
• hotwire-livereload "~> 2.0"
• spring lock file @ 4.6.0
• dockerfile-rails ">= 1.6"
• capybara lock file @ 3.40.0
• selenium-webdriver lock file @ 4.44.0
• webmock lock file @ 3.26.2
• shoulda-matchers "~> 7.0"
• test-prof "~> 1.4"
• stub_env lock file @ 1.0.4
• simplecov lock file @ 0.22.0
• rails-controller-testing lock file @ 1.0.5
• async "~> 2.29"
• dartsass-rails "~> 0.5.1"
• graphlient lock file @ 0.8.0
• local_time "~> 3.0"
• mission_control-jobs lock file @ 1.1.0
• web-push "~> 3.0"
• geokit "~> 1.14"
• timezone "~> 1.3"
• honeybadger "~> 6.1"
• gemoji "~> 4.1"
• retries "~> 0.0.5"
• opentelemetry-sdk "~> 1.4"
• opentelemetry-exporter-otlp "~> 0.29"
• opentelemetry-instrumentation-rails "~> 0.33"
• opentelemetry-instrumentation-rack "~> 0.25"
• opentelemetry-instrumentation-action_pack "~> 0.10"
• opentelemetry-instrumentation-action_view "~> 0.8"
• opentelemetry-instrumentation-active_record "~> 0.8"
• opentelemetry-instrumentation-active_job "~> 0.8"
• opentelemetry-instrumentation-faraday "~> 0.25"
• opentelemetry-instrumentation-net_http "~> 0.22"
• opentelemetry-instrumentation-redis "~> 0.26"
• opentelemetry-instrumentation-concurrent_ruby "~> 0.22"

dockerfile (1)

Dockerfile (2)

• docker/dockerfile 1@sha256:b6afd42430b15f2d2a4c5a02b919e98a525b785b1aaff16747d2f623364e39b6 → [Updates: 1]
• ruby 3.4.9-alpine@sha256:45bdd95e337296472eafa907dc53cfbcf1e3878a11795062f47392d4c251add9 → [Updates: 4.0.5-alpine, 3.4.9-alpine]

github-actions (2)

.github/workflows/ci.yml (20)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• dorny/paths-filter v4@fbd0ab8f3e69293af611ebaee6363fc25e6d187d
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ruby/setup-ruby v1
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ruby/setup-ruby v1
• standardrb/standard-ruby-action v1
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
• ruby/setup-ruby v1
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/metadata-action v6@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9
• docker/setup-buildx-action v4@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
• docker/login-action v4@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
• docker/build-push-action v7@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• actions/attest-build-provenance v4@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32
• redis 8.8.0-alpine@sha256:cc4528bddf546d352dcb171aa39bf1650c23b85a463784e9e9dea16ece1d18e8 → [Updates: 8.8.0-alpine]

.github/workflows/trivy.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4@7211b7c8077ea37d8641b6271f6a365a22a5fbfa

nodenv (1)

.node-version (1)

• node 25.9.0

npm (1)

package.json (26)

• @fortawesome/fontawesome-free ^7.1.0 → [Updates: ^7.2.0]
• @hotwired/stimulus ^3.2.2
• @hotwired/turbo-rails ^8.0.20 → [Updates: ^8.0.23]
• @popperjs/core ^2.11.8
• autoprefixer ^10.4.23 → [Updates: ^10.5.0]
• bootstrap ^5.3.8
• bootstrap-icons ^1.13.1
• chart.js ^4.5.1
• chartjs-plugin-datalabels ^2.2.0
• chartjs-plugin-trendline ^3.2.0 → [Updates: ^3.2.4]
• flag-icons ^7.5.0
• local-time ^3.0.3
• nodemon ^3.1.11 → [Updates: ^3.1.14]
• sass ^1.97.1 → [Updates: ^1.100.0]
• @eslint/js ^10.0.1
• @types/node ^24.10.4 → [Updates: ^24.12.4]
• @typescript-eslint/eslint-plugin ^8.50.1 → [Updates: ^8.60.0]
• @typescript-eslint/parser ^8.50.1 → [Updates: ^8.60.0]
• esbuild 0.27.2 → [Updates: 0.28.0]
• eslint ^10.0.0 → [Updates: ^10.4.0]
• eslint-config-prettier ^10.1.8
• eslint-plugin-prettier ^5.5.4 → [Updates: ^5.5.5]
• postcss 8.5.10 → [Updates: 8.5.15]
• prettier ^3.7.4 → [Updates: ^3.8.3]
• typescript ^6.0.2 → [Updates: ^6.0.3]
• yarn 4.14.1 → [Updates: 4.15.0]

regex (1)

Dockerfile (1)

• node 25.9.0

ruby-version (1)

.ruby-version