Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (10)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
github-actions	redhat-actions/buildah-build	2024-03-05
github-actions	redhat-actions/push-to-registry	2024-03-08
github-actions	slsa-framework/slsa-github-generator	2025-02-24
pip_requirements	yq	2024-04-27

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• Update dependency open-policy-agent/conftest to v0.68.2
• Update github/codeql-action action to v4.35.2
• Update registry.access.redhat.com/ubi9/python-39 Docker tag to v9.7-1776963304
• Update registry.access.redhat.com/ubi9/ubi Docker tag to v9.7-1776834047
• Update actions/setup-node action to v6.4.0
• Update aquasecurity/trivy-action action to v0.36.0
• Update sigstore/cosign-installer action to v4
• 🔐 Create all awaiting schedule PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update actions/checkout digest to de0fac2
• Update ghcr.io/redhat-cop/github-actions/confbatstest:v4.5 Docker digest to caae680
• Update registry.access.redhat.com/ubi9/go-toolset Docker digest to 75ecb48
• Update dependency homebrew/openshift-cli to v4.21.10
• Update dependency xmltodict to v1.0.4
• Update dependency tomlkit to v0.14.0
• Update quay.io/skopeo/stable Docker tag to v1.22.2
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (3)

confbatstest/Dockerfile (1)

• ghcr.io/redhat-cop/github-actions/confbatstest v4.5@sha256:14ed9e3c82b7c5ef672fd0075ca94ae3cdaf7b026a404d4d62b713c7cdb9c93c → [Updates: v4.5]

confbatstest/Dockerfile_build (3)

• registry.access.redhat.com/ubi9/go-toolset sha256:7a0aad98db45c0aac69813bb9b5af20018bd51f47a2fc183aeca89d6a05c046e → [Updates: undefined]
• registry.access.redhat.com/ubi9/ubi 9.7-1775624009@sha256:039095faabf1edde946ff528b3b6906efa046ee129f3e33fd933280bb6936221 → [Updates: 9.7-1776834047]
• registry.access.redhat.com/ubi9/python-39 9.7-1776086485@sha256:c3d30a724ff5781cd470979300aa9b2700098c3a8ca1b0e4e5c75080294f33e5 → [Updates: 9.7-1776963304]

disconnected-csv/Dockerfile (1)

• quay.io/skopeo/stable v1.21.0 → [Updates: v1.22.2]

github-actions (14)

.github/workflows/confbatstest-build.yaml (9)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• redhat-cop/github-actions v4.6@cc45c69b6655161f278271cd0c68ddcc1444a3f8
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5
• redhat-actions/buildah-build v2@7a95fa7ee0f02d552a32753e7414641a04307056
• redhat-actions/push-to-registry v2@5ed88d269cf581ea9ef6dd6806d01562096bee9c
• sigstore/cosign-installer v3@398d4b0eeef1380460a10c8013a76f728fb906ac → [Updates: v4.1.1]
• aquasecurity/trivy-action v0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 → [Updates: v0.36.0]
• aquasecurity/trivy-action v0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 → [Updates: v0.36.0]
• slsa-framework/slsa-github-generator v2.1.0

.github/workflows/confbatstest.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/disconnected-csv.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/get-image-version.yaml (1)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]

.github/workflows/github-dispatches-build.yaml (5)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• redhat-cop/github-actions v4.6@cc45c69b6655161f278271cd0c68ddcc1444a3f8
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5
• redhat-actions/buildah-build v2@7a95fa7ee0f02d552a32753e7414641a04307056
• redhat-actions/push-to-registry v2@5ed88d269cf581ea9ef6dd6806d01562096bee9c

.github/workflows/github-dispatches.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/kyverno-cli-build.yaml (5)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• redhat-cop/github-actions v4.6@cc45c69b6655161f278271cd0c68ddcc1444a3f8
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5
• redhat-actions/buildah-build v2@7a95fa7ee0f02d552a32753e7414641a04307056
• redhat-actions/push-to-registry v2@5ed88d269cf581ea9ef6dd6806d01562096bee9c

.github/workflows/kyverno-cli.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/redhat-csp-download-build.yaml (5)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• redhat-cop/github-actions v4.6@cc45c69b6655161f278271cd0c68ddcc1444a3f8
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5
• redhat-actions/buildah-build v2@7a95fa7ee0f02d552a32753e7414641a04307056
• redhat-actions/push-to-registry v2@5ed88d269cf581ea9ef6dd6806d01562096bee9c

.github/workflows/redhat-csp-download.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/scorecard.yml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4.35.2]

.github/workflows/set-helm-version.yaml (2)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• hadolint/hadolint-action v3.3.0@2332a7b74a6de0dda2e2221d575162eba76ba5e5

.github/workflows/ssh-agent-build.yaml (3)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f → [Updates: v6.4.0]
• node 24

.github/workflows/ssh-agent.yaml (1)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]

pip_requirements (1)

confbatstest/requirements.txt (5)

• argcomplete ==3.6.3
• PyYAML ==6.0.3
• tomlkit ==0.13.3 → [Updates: ==0.14.0]
• xmltodict ==1.0.2 → [Updates: ==1.0.4]
• yq ==3.4.3

regex (1)

confbatstest/Dockerfile_build (6)

• plexsystems/konstraint v0.43.0
• helm/helm v4.1.4
• stedolan/jq 1.6
• homebrew/openshift-cli 4.21.8 → [Updates: 4.21.10]
• open-policy-agent/opa v1.15.2
• open-policy-agent/conftest v0.68.0 → [Updates: v0.68.2]

---

• Check this box to trigger a request for Renovate to run again on this repository