Dependency Dashboard #610
Description
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Deprecations / Replacements
Warning
These dependencies are either deprecated or have replacements available:
| Datasource | Package | Replacement PR? |
|---|---|---|
| npm | @bcgov-nr/nr-fsa-theme |  |
Awaiting Schedule
The following updates are awaiting their schedule. To get an update now, click on a checkbox below.
- chore(deps): lock file maintenance
Rate-Limited
The following updates are currently rate-limited. To force their creation now, click on a checkbox below.
- chore(deps): update dependency @types/jsdom to v28
- chore(deps): update dependency globals to v17
- chore(deps): update dependency jsdom to v28
- chore(deps): update dependency undici to v7
- chore(deps): update dependency vite-plugin-istanbul to v8
- chore(deps): update linters to v10 (major) (
@eslint/js,eslint) - chore(deps): update node.js to v24
- chore(deps): update vite (major) (
@vitejs/plugin-vue,vite) - chore(deps): update vitest monorepo to v4 (major) (
@vitest/coverage-istanbul,vitest) - fix(deps): update flyway to v12 (major) (
org.flywaydb:flyway-database-postgresql,org.flywaydb:flyway-core,org.flywaydb:flyway-database-oracle) - fix(deps): update springframework (major) (
org.springframework:spring-web,org.springframework.security:spring-security-crypto,org.springframework.security:spring-security-core,org.springframework.boot:spring-boot-starter-parent) - 🔐 Create all rate-limited PRs at once 🔐
Other Branches
The following updates are pending. To force the creation of a PR, click on a checkbox below.
- chore(deps): update dependency fast-xml-parser to v5.5.6 [security]
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
- fix(deps): update java dependencies (
org.flywaydb:flyway-database-postgresql,org.flywaydb:flyway-core,io.micrometer:micrometer-tracing-bom,io.micrometer:micrometer-bom,ch.qos.logback:logback-classic,ch.qos.logback:logback-core,org.flywaydb:flyway-database-oracle)
PR Closed (Blocked)
The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.
- chore(deps): update dependency cypress to v15
- chore(deps): update dependency glob to v13
- chore(deps): update dependency unplugin-icons to v23
- chore(deps): update dependency unplugin-vue-components to v31
- fix(deps): update testcontainers-java monorepo to v2 (major) (
org.testcontainers:testcontainers-bom,org.testcontainers:testcontainers)
Detected Dependencies
docker-compose (1)
docker-compose.yml (1)
gvenzl/oracle-free 23.9-full-faststart
dockerfile (6)
backend/Dockerfile (1)
ghcr.io/graalvm/native-image 22.3.3database/Dockerfile (1)
postgres 13.23→ [Updates:18.2]frontend/Dockerfile (2)
node 22.22-alpine3.22→ [Updates:24.14-alpine3.22]caddy 2.11.2-alpinelegacy/Dockerfile (1)
ghcr.io/graalvm/native-image 22.3.3legacydb/Dockerfile (1)
gvenzl/oracle-free 23.9-slim-faststartprocessor/Dockerfile
github-actions (13)
.github/workflows/.automated-tests.yml (8)
actions/checkout v6actions/setup-node v6cypress-io/github-action v5mikepenz/action-junit-report v6@49b2ca06f62aa7ef83ae6769a2179271e160d8e4actions/upload-artifact v7actions/upload-artifact v7ubuntu 24.04node 24.github/workflows/.deploy.yml (9)
bcgov/action-get-pr v0.1.1@bfa713a9ab410c0f0c13126c35983934fc80d15bbcgov/action-deployer-openshift v4.0.1@565e315dfddb8aee08fcfd885a27407dde9a2775bcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-deployer-openshift v4.0.1@565e315dfddb8aee08fcfd885a27407dde9a2775bcgov/action-deployer-openshift v4.0.1@565e315dfddb8aee08fcfd885a27407dde9a2775ubuntu 24.04ubuntu 24.04ubuntu 24.04ubuntu 24.04.github/workflows/.tools-cleanup.yml (3)
bcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fubuntu 24.04.github/workflows/.tools-deploy.yml (13)
bcgov/action-builder-ghcr v4.2.1@2b24ac7f95e6a019064151498660437cca3202c5bcgov/action-builder-ghcr v4.2.1@2b24ac7f95e6a019064151498660437cca3202c5bcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-deployer-openshift v4.0.1@565e315dfddb8aee08fcfd885a27407dde9a2775bcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fbcgov/action-oc-runner v1.4.1@d2fc921aaa9d70684c186dbb7754e6985d44d86fubuntu 24.04ubuntu 24.04ubuntu 24.04ubuntu 24.04ubuntu 24.04.github/workflows/analysis.yml (5)
actions/checkout v6aquasecurity/trivy-action 0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1github/codeql-action v4ubuntu 24.04ubuntu 24.04.github/workflows/issue-gherkin.yml (5)
actions/checkout v6bcgov/action-gherkin-issue-processor v1.1.3@996c4dd154e93e49a3ddeead7c26c18c3a1602f3Andro999b/push v1.3@c77535fe7a94645f7ceca83e48e6cc977620710epeter-evans/create-pull-request v8@c0f553fe549906ede9cf27b5156039d195d2ece0ubuntu 24.04.github/workflows/merge.yml (8)
bcgov/action-get-pr v0.1.1@bfa713a9ab410c0f0c13126c35983934fc80d15bshrink/actions-docker-registry-tag v4@f04afd0559f66b288586792eb150f45136a927faactions/checkout v6TriPSs/conventional-changelog-action v6@84dadaf2c367cb52af02737cd9c7e888807219e7softprops/action-gh-release v2@153bb8e04406b158c6c84fc1615b65b24149a1feubuntu 24.04ubuntu 24.04ubuntu 24.04.github/workflows/pr-close.yml (3)
bcgov/quickstart-openshift-helpers v1.1.0@ca6579bdadf383a2513397081f963889b92823a4shrink/actions-docker-registry-tag v4@f04afd0559f66b288586792eb150f45136a927faubuntu 24.04.github/workflows/pr-open.yml (5)
bcgov/action-builder-ghcr v4.2.1@2b24ac7f95e6a019064151498660437cca3202c5bcgov/action-builder-ghcr v4.2.1@2b24ac7f95e6a019064151498660437cca3202c5ubuntu 24.04ubuntu 24.04ubuntu 24.04.github/workflows/pr-validate.yml (3)
bcgov/quickstart-openshift-helpers v1.1.0@ca6579bdadf383a2513397081f963889b92823a4ubuntu 24.04ubuntu 24.04.github/workflows/reporting.yml (3)
bcgov/quickstart-openshift-helpers v1.1.0@ca6579bdadf383a2513397081f963889b92823a4zaproxy/action-full-scan v0.13.0@3c58388149901b9a03b7718852c5ba889646c27cubuntu 24.04.github/workflows/reusable-tests-be.yml (7)
bcgov/action-test-and-analyse-java v1.1.0@7c7309721cae054b3e837c723afa4efb4b1a256dbcgov/action-test-and-analyse-java v1.1.0@7c7309721cae054b3e837c723afa4efb4b1a256dbcgov/action-test-and-analyse-java v1.1.0@7c7309721cae054b3e837c723afa4efb4b1a256dactions/upload-artifact v7mikepenz/action-junit-report v6@49b2ca06f62aa7ef83ae6769a2179271e160d8e4madrapps/jacoco-report v1.6@94dfcf8dae9680be2cfa714ca37fb37790bd7663ubuntu 24.04.github/workflows/reusable-tests-fe.yml (3)
bcgov/action-test-and-analyse v2.0.0@8f699e3fd3fadd9a6adf6f4b1f2638ef7ecfefb9actions/upload-artifact v7ubuntu 24.04
maven (3)
backend/pom.xml (40)
org.springframework.boot:spring-boot-starter-parent 3.5.11→ [Updates:4.0.3]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]io.opentelemetry:opentelemetry-exporter-zipkin 1.60.1org.postgresql:postgresql 42.7.10org.flywaydb:flyway-core 11.11.0→ [Updates:11.20.3,12.1.0]org.flywaydb:flyway-database-postgresql 11.11.0→ [Updates:11.20.3,12.1.0]junit:junit 4.13.2org.apache.commons:commons-lang3 3.20.0org.apache.commons:commons-text 1.15.0com.flipkart.zjsonpatch:zjsonpatch 0.4.16org.junit.jupiter:junit-jupiter-params 6.0.3org.testcontainers:testcontainers 1.21.4→ [Updates:2.0.3]org.testcontainers:junit-jupiter 1.21.4org.testcontainers:r2dbc 1.21.4org.testcontainers:postgresql 1.21.4org.wiremock:wiremock-standalone 3.13.2org.springframework:spring-web 6.2.16→ [Updates:6.2.17,7.0.5]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]org.testcontainers:testcontainers-bom 1.21.4→ [Updates:2.0.3]io.micrometer:micrometer-bom 1.16.3→ [Updates:1.16.4]io.micrometer:micrometer-tracing-bom 1.6.3→ [Updates:1.6.4]org.seleniumhq.selenium:selenium-bom 4.41.0org.junit:junit-bom 6.0.3junit:junit 4.13.2org.mockito:mockito-bom 5.22.0→ [Updates:5.23.0]org.jooq:jooq-bom 3.20.11org.springframework.security:spring-security-core 6.5.8→ [Updates:6.5.9,7.0.3]org.springframework.security:spring-security-crypto 6.5.8→ [Updates:6.5.9,7.0.3]com.nimbusds:nimbus-jose-jwt 10.8org.apache.commons:commons-lang3 3.20.0org.apache.maven.plugins:maven-resources-plugin 3.5.0org.apache.maven.plugins:maven-failsafe-plugin 3.5.5org.apache.maven.plugins:maven-surefire-plugin 3.5.5org.jacoco:jacoco-maven-plugin 0.8.14org.apache.maven.plugins:maven-javadoc-plugin 3.12.0org.apache.maven.plugins:maven-enforcer-plugin 3.6.2org.apache.maven.plugins:maven-checkstyle-plugin 3.6.0org.cyclonedx:cyclonedx-maven-plugin 2.9.1legacy/pom.xml (27)
org.springframework.boot:spring-boot-starter-parent 3.5.11→ [Updates:4.0.3]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]io.opentelemetry:opentelemetry-exporter-zipkin 1.60.1org.apache.commons:commons-lang3 3.20.0org.mapstruct:mapstruct 1.6.3org.mapstruct:mapstruct-processor 1.6.3com.flipkart.zjsonpatch:zjsonpatch 0.4.16org.testcontainers:oracle-xe 1.21.4org.flywaydb:flyway-core 11.11.0→ [Updates:11.20.3,12.1.0]org.flywaydb:flyway-database-oracle 11.11.0→ [Updates:11.20.3,12.1.0]org.springframework:spring-web 6.2.16→ [Updates:6.2.17,7.0.5]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]org.testcontainers:testcontainers-bom 1.21.4→ [Updates:2.0.3]org.seleniumhq.selenium:selenium-bom 4.41.0org.mockito:mockito-bom 5.22.0→ [Updates:5.23.0]com.oracle.database.jdbc:ojdbc11 23.26.1.0.0org.apache.commons:commons-lang3 3.20.0org.apache.maven.plugins:maven-resources-plugin 3.5.0org.apache.maven.plugins:maven-failsafe-plugin 3.5.5org.apache.maven.plugins:maven-surefire-plugin 3.5.5org.jacoco:jacoco-maven-plugin 0.8.14org.apache.maven.plugins:maven-javadoc-plugin 3.12.0org.apache.maven.plugins:maven-enforcer-plugin 3.6.2org.apache.maven.plugins:maven-checkstyle-plugin 3.6.0org.cyclonedx:cyclonedx-maven-plugin 2.9.1processor/pom.xml (25)
org.springframework.boot:spring-boot-starter-parent 3.5.11→ [Updates:4.0.3]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]io.opentelemetry:opentelemetry-exporter-zipkin 1.60.1org.postgresql:postgresql 42.7.10org.apache.commons:commons-lang3 3.20.0org.flywaydb:flyway-core 11.11.0→ [Updates:11.20.3,12.1.0]org.flywaydb:flyway-database-postgresql 11.11.0→ [Updates:11.20.3,12.1.0]org.junit.jupiter:junit-jupiter-params 6.0.3org.wiremock:wiremock-standalone 3.13.2org.springframework:spring-web 6.2.16→ [Updates:6.2.17,7.0.5]ch.qos.logback:logback-core 1.5.26→ [Updates:1.5.32]ch.qos.logback:logback-classic 1.5.26→ [Updates:1.5.32]org.testcontainers:testcontainers-bom 1.21.4→ [Updates:2.0.3]org.junit:junit-bom 6.0.3junit:junit 4.13.2org.apache.commons:commons-lang3 3.20.0org.apache.maven.plugins:maven-resources-plugin 3.5.0org.apache.maven.plugins:maven-failsafe-plugin 3.5.5org.apache.maven.plugins:maven-surefire-plugin 3.5.5org.jacoco:jacoco-maven-plugin 0.8.14org.apache.maven.plugins:maven-javadoc-plugin 3.12.0org.apache.maven.plugins:maven-enforcer-plugin 3.6.2org.apache.maven.plugins:maven-checkstyle-plugin 3.6.0org.cyclonedx:cyclonedx-maven-plugin 2.9.1
maven-wrapper (9)
backend/.mvn/wrapper/maven-wrapper.properties (1)
maven 3.9.14backend/mvnw (1)
maven-wrapper 3.3.4backend/mvnw.cmd (1)
maven-wrapper 3.3.4legacy/.mvn/wrapper/maven-wrapper.properties (1)
maven 3.9.14legacy/mvnw (1)
maven-wrapper 3.3.4legacy/mvnw.cmd (1)
maven-wrapper 3.3.4processor/.mvn/wrapper/maven-wrapper.properties (1)
maven 3.9.14processor/mvnw (1)
maven-wrapper 3.3.4processor/mvnw.cmd (1)
maven-wrapper 3.3.4
npm (2)
cypress/package.json (15)
@badeball/cypress-cucumber-preprocessor ^24.0.1@bahmutov/cypress-esbuild-preprocessor ^2.2.8@cypress/webpack-preprocessor ^7.0.2cypress ^13.15.1→ [Updates:^15.0.0]ts-loader ^9.5.4typescript ^5.9.3webpack ^5.105.4serialize-javascript ^7.0.0diff ^8.0.2undici ^6.24.0→ [Updates:^7.0.0]qs 6.15.0form-data 4.0.5tmp ^0.2.4glob 11.1.0→ [Updates:13.0.6]glob 11.1.0→ [Updates:13.0.6]frontend/package.json (64)
@bcgov-nr/nr-fsa-theme ^1.1.3@bcgov/bc-sans ^2.1.0@carbon/icons-vue ^10.99.1@carbon/pictograms ^12.42.0@carbon/styles ^1.67.0@carbon/web-components ^2.12.0@vueuse/core ^14.0.0aws-amplify ^6.16.2axios ^1.13.5date-fns ^4.1.0dotenv ^17.0.0fast-json-patch ^3.1.1vue ^3.5.13vue-dompurify-html ^5.3.0vue-router ^5.0.0vue-the-mask ^0.11.1@cypress/code-coverage ^4.0.1@eslint/js ^9.39.4→ [Updates:^10.0.0]@types/jsdom ^27.0.0→ [Updates:^28.0.0]@types/node ^24.0.3@typescript-eslint/eslint-plugin ^8.57.0@typescript-eslint/parser ^8.57.0@vitejs/plugin-vue ^5.2.1→ [Updates:^6.0.0]@vitest/coverage-istanbul ^3.0.5→ [Updates:^4.0.0]@vue/eslint-config-prettier ^10.2.0@vue/eslint-config-typescript ^14.7.0@vue/test-utils ^2.4.0@vue/tsconfig ^0.9.0cross-env ^10.0.0cypress ^15.11.0eslint ^9.39.4→ [Updates:^10.0.0]eslint-config-prettier ^10.1.8eslint-import-resolver-typescript ^4.4.4eslint-plugin-cypress ^6.2.0eslint-plugin-import ^2.32.0eslint-plugin-vue ^10.8.0globals ^16.4.0→ [Updates:^17.0.0]istanbul-lib-coverage ^3.2.0istanbul-lib-instrument ^6.0.0jsdom ^27.0.0→ [Updates:^28.0.0]lcov-result-merger ^5.0.0nyc ^18.0.0prettier ^3.5.3sass ^1.97.3sass-loader ^16.0.7start-server-and-test ^2.0.12ts-node ^10.9.1typescript ~5.9.0unplugin-icons ^22.1.0→ [Updates:^23.0.0]unplugin-vue-components ^30.0.0→ [Updates:^31.0.0]vite ^5.4.10→ [Updates:^7.0.0]vite-plugin-istanbul ^5.0.0→ [Updates:^8.0.0]vitest ^3.0.5→ [Updates:^4.0.0]vue-component-type-helpers ^3.0.0vue-eslint-parser ^10.4.0vue-svg-loader ^0.16.0vue-tsc ^3.0.0wiremock ^3.13.2node ^22.13.0 || >=24immutable 5.1.5fast-xml-parser ^5.3.6→ [Updates:^5.3.6]qs 6.15.0tmp ^0.2.4js-yaml ^4.1.1
renovate-config-presets (1)
renovate.json (1)
bcgov/renovate-config 2025.10.1
- Check this box to trigger a request for Renovate to run again on this repository