Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update python:3.14-slim docker digest to 5e59aae
• chore(deps): lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update github actions (docker/login-action, super-linter/super-linter)
• chore(deps): update pre-commit hooks (astral-sh/ruff-pre-commit, biomejs/pre-commit, pre-commit/mirrors-eslint, pre-commit/mirrors-mypy, rhysd/actionlint)
• chore(deps): update python dependencies (fastapi, sqlalchemy, uvicorn)
• fix(deps): update npm dependencies (@types/node, eslint, next, typescript-eslint)
• chore(deps): update dependency typescript to v6
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

devcontainer (1)

.devcontainer/devcontainer.json (6)

• mcr.microsoft.com/devcontainers/python 3.14-bookworm@sha256:a9bbf8d2cd1d9b000716230dc7376bbb8374e17bebd1ea87d041358f5a5108ca
• ghcr.io/devcontainers/features/git-lfs 1
• ghcr.io/devcontainers/features/node 1
• node 24
• ghcr.io/devcontainers/features/docker-in-docker 2
• ghcr.io/devcontainers/features/github-cli 1

docker-compose (2)

docker-compose.prod.yml (2)

• ghcr.io/devsecninja/hadiscover/backend 0.2.14@sha256:cbf696794b817b6fa08345c9fda852da829323f97884b3b48dea3b316d864af4
• ghcr.io/devsecninja/hadiscover/frontend 0.2.14@sha256:f91f9378b1ca29710a86217c3c80ea058ae27c782c81870a8f05734f900b73da

docker-compose.yml

dockerfile (2)

backend/Dockerfile (1)

• python 3.14-slim@sha256:fb83750094b46fd6b8adaa80f66e2302ecbe45d513f6cece637a841e1025b4ca → [Updates: 3.14-slim]

frontend/Dockerfile (2)

• node 24-alpine@sha256:01743339035a5c3c11a373cd7c83aeab6ed1457b55da6a69e014a95ac4e4700b
• nginx alpine@sha256:e7257f1ef28ba17cf7c248cb8ccf6f0c6e0228ab9c315c152f9c203cd34cf6d1

github-actions (13)

.github/workflows/auto-label-issues.yml (1)

• actions/github-script v8@ed597411d8f924073f98dfc5c65a23a2325f34cd

.github/workflows/auto-label.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/labeler v6@634933edcd8ababfe52f92936142cc22ac488b1b

.github/workflows/bandit.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• DevSecNinja/python-bandit-scan v1.0.1@62d16066d02e3669359cd9b25f079d249f608c4d

.github/workflows/build-and-push-image.yml (4)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/login-action v4@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4]
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294

.github/workflows/codeql.yml (3)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13

.github/workflows/dependency-review.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v4.9.0@2031cfc080254a8a887f58cffee85186f0e49e48

.github/workflows/deploy.yml (11)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python v6@a309ff8b426b58ec0e2a45f0f869d46889d02405
• codecov/codecov-action v6@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
• codecov/test-results-action v1@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6@53b83947a5a98c8d113130e565377fae1a50d02f
• actions/configure-pages v6@45bfe0192ca1faeb007ade9deae92b16b8254a0d
• actions/upload-pages-artifact v4@7b1f4a764d45c48632c6b24a0339c27f5614fb0b
• actions/deploy-pages v5@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128
• python 3.14
• node 24

.github/workflows/docker-test.yml (15)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python v6@a309ff8b426b58ec0e2a45f0f869d46889d02405
• codecov/codecov-action v6@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
• codecov/test-results-action v1@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294
• python 3.14

.github/workflows/lint.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• super-linter/super-linter v8.5.0@61abc07d755095a68f4987d1c2c3d1d64408f1f9 → [Updates: v8.6.0]

.github/workflows/pr-images.yml (3)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/github-script v8@ed597411d8f924073f98dfc5c65a23a2325f34cd

.github/workflows/release.yml (13)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python v6@a309ff8b426b58ec0e2a45f0f869d46889d02405
• codecov/codecov-action v6@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• softprops/action-gh-release v2@153bb8e04406b158c6c84fc1615b65b24149a1fe
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6@53b83947a5a98c8d113130e565377fae1a50d02f
• actions/configure-pages v6@45bfe0192ca1faeb007ade9deae92b16b8254a0d
• actions/upload-pages-artifact v4@7b1f4a764d45c48632c6b24a0339c27f5614fb0b
• actions/deploy-pages v5@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128
• python 3.14
• node 24

.github/workflows/scan-image.yml (4)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/login-action v4@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4]
• aquasecurity/trivy-action 0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13

.github/workflows/todo-to-issue.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• alstr/todo-to-issue-action v5@64aca8fda7023259aada83ba44ad988c4c443657
• ubuntu 24.04

npm (2)

frontend/package.json (9)

• next 16.2.1 → [Updates: 16.2.2]
• react 19.2.4
• react-dom 19.2.4
• @tailwindcss/postcss ^4
• @types/node ^24.0.0 → [Updates: ^24.0.0]
• @types/react ^19
• @types/react-dom ^19
• tailwindcss ^4
• typescript ^5 → [Updates: ^6.0.0]

package.json (4)

• @eslint/js ^10.0.0
• eslint ^10.0.0 → [Updates: ^10.0.0]
• typescript ^5.9.3 → [Updates: ^6.0.0]
• typescript-eslint ^8.51.0 → [Updates: ^8.51.0]

pip_requirements (2)

backend/requirements.txt (10)

• fastapi ==0.135.2 → [Updates: ==0.135.3]
• uvicorn ==0.42.0 → [Updates: ==0.44.0]
• pyyaml ==6.0.3
• httpx ==0.28.1
• sqlalchemy ==2.0.48 → [Updates: ==2.0.49]
• pytest ==9.0.2
• pytest-asyncio ==1.3.0
• pytest-cov ==7.1.0
• python-dotenv ==1.2.2
• apscheduler ==3.11.2

requirements.txt (2)

• black ==26.3.1
• pre_commit ==4.5.1

pre-commit (1)

.pre-commit-config.yaml (13)

• pre-commit/pre-commit-hooks v6.0.0
• psf/black-pre-commit-mirror 26.3.1
• astral-sh/ruff-pre-commit v0.15.8 → [Updates: v0.15.9]
• scop/pre-commit-shfmt v3.12.0-2
• biomejs/pre-commit v2.4.9 → [Updates: v2.4.10]
• PyCQA/bandit 1.9.4
• shellcheck-py/shellcheck-py v0.9.0.5
• igorshubovych/markdownlint-cli v0.48.0
• zizmorcore/zizmor-pre-commit v1.23.1
• rbubley/mirrors-prettier v3.8.1
• pre-commit/mirrors-mypy v1.19.1 → [Updates: v1.20.0]
• pre-commit/mirrors-eslint v10.1.0 → [Updates: v10.2.0]
• rhysd/actionlint v1.7.11 → [Updates: v1.7.12]

---

• Check this box to trigger a request for Renovate to run again on this repository