This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.View this repository on the Mend.io Web Portal .
Deprecations / Replacements
The following dependencies are either deprecated or have replacements available.
Pending Approval
The following branches are pending approval. To create them, click on a checkbox below.
PR Edited (Blocked)
The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
chore(deps): update dependency jsrsasign to v11.1.1 [security] chore(deps): update dependency mailparser to v3.9.3 [security] chore(deps): update dependency pytest to v9 [security] fix(deps): update dependency flask to v3 [security] fix(deps): update dependency nodemailer to v8 [security] fix(deps): update all patch dependencies (axe-core, boto3, debugpy, mochawesome-merge, nanoid, tailwindcss, translate-toolkit, types-python-dateutil)chore(deps): update all non-major github action dependencies (actions/cache, actions/checkout, actions/download-artifact, actions/setup-node, actions/setup-python, actions/upload-artifact, aws-actions/configure-aws-credentials, cds-snc/notification-pr-bot, cds-snc/notification-utils, cds-snc/security-tools, docker/setup-buildx-action, github/codeql-action, postgres, python, redis)fix(deps): update all minor dependencies (aws-xray-sdk, certifi, greenlet, mypy, poethepoet, python, ruff, types-requests, unidecode)chore(deps): lock file maintenance Click on this checkbox to rebase all open PRs at once
Detected Dependencies
devcontainer (1)
.devcontainer/devcontainer.json (2)
ghcr.io/devcontainers/features/node 1node 20.20.2 → [Updates: 24.14.1]
docker-compose (1)
.devcontainer/docker-compose.yml
dockerfile (4)
.devcontainer/Dockerfile (1)
mcr.microsoft.com/vscode/devcontainers/python 3.12-bookworm → [Updates: 3.14-bookworm]
ci/Dockerfile
ci/Dockerfile.lambda (2)
python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 → [Updates: 3.12-alpine3.20]python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 → [Updates: 3.12-alpine3.20]
ci/Dockerfile.test (1)
python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 → [Updates: 3.12-alpine3.20]
github-actions (15)
.github/workflows/call-manifests-update-docker-tag.yaml (1)
actions/checkout v2 → [Updates: v2.7.0, v6.0.2, v2]
.github/workflows/codeql.yml (4)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 → [Updates: v2.28.1, v4.35.1]github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 → [Updates: v2.28.1, v4.35.1]github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 → [Updates: v2.28.1, v4.35.1]
.github/workflows/cypress-e2e.yml (15)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa → [Updates: v4.9.1, v6.2.0]actions/setup-node v4.2.0@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a → [Updates: v4.4.0, v6.3.0]actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 → [Updates: v4.3.0, v5.0.4]actions/checkout v3 → [Updates: v3.6.0, v6.0.2, v3]actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa → [Updates: v4.9.1, v6.2.0]actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 → [Updates: v4.3.0, v5.0.4]aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]cypress-io/github-action v5.8.4@248bde77443c376edc45906ede03a1aba9da0462 → [Updates: v7.1.9]actions/upload-artifact v4 → [Updates: v4.6.2, v7.0.1, v4]postgres 11.17-bullseye → [Updates: 11.22-bullseye, 17.5-bullseye]redis 6.2@sha256:9e75c88539241ad7f61bc9c39ea4913b354064b8a75ca5fc40e1cef41b645bc0 → [Updates: 8.6, 6.2]python 3.12 → [Updates: 3.14]node 20.x → [Updates: 24.x]python 3.12 → [Updates: 3.14]
.github/workflows/cypress-staging.yaml (5)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/setup-node v3.8.2@1a4442cacd436585916779262731d5b162bc6ec7 → [Updates: v3.9.1, v6.3.0]cypress-io/github-action v5.8.4@248bde77443c376edc45906ede03a1aba9da0462 → [Updates: v7.1.9]actions/upload-artifact v4 → [Updates: v4.6.2, v7.0.1, v4]node 20.x → [Updates: 24.x]
.github/workflows/dev_branch_build_push_images.yml (2)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/upload-artifact v4 → [Updates: v4.6.2, v7.0.1, v4]
.github/workflows/docker-vulnerability-scan.yml (3)
aws-actions/configure-aws-credentials v2.2.0@5fd3084fc36e372ff1fff382a39b10d03659f355 → [Updates: v6.1.0]aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 → [Updates: v2.1.2]cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f → [Updates: v3.2.1, v4.0.3]
.github/workflows/docker.yaml (7)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]aws-actions/configure-aws-credentials master → [Updates: master]aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 → [Updates: v2.1.2]actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]getsentry/action-github-app-token v2.0.0@97c9e23528286821f97fba885c1b1123284b29cc → [Updates: v4.0.0]cds-snc/notification-pr-bot main → [Updates: main]cds-snc/security-tools v4.0.1@12a0cdea1c5a515dfcbe353693db804a1793c0ed → [Updates: v4.0.3]
.github/workflows/reusable_push_ecr.yml (3)
actions/download-artifact v4 → [Updates: v4.3.0, v8.0.1, v4]aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 → [Updates: v2.1.2]
.github/workflows/secret.yaml (2)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]cdssnc/seekret-github-action sha256:0aee6df949373ef6df26d35f6207b56f897ddd1caa030646d7421b0afb717665
.github/workflows/test_endpoints.yaml (5)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa → [Updates: v4.9.1, v6.2.0]actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 → [Updates: v4.3.0, v5.0.4]cds-snc/notification-utils 53.2.22 → [Updates: 53.2.22]python 3.12 → [Updates: 3.14]
.github/workflows/test_prod_config.yaml (6)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa → [Updates: v4.9.1, v6.2.0]actions/setup-node v4.2.0@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a → [Updates: v4.4.0, v6.3.0]actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 → [Updates: v4.3.0, v5.0.4]python 3.12 → [Updates: 3.14]node 20.x → [Updates: 24.x]
.github/workflows/test-admin-delete-unused.yaml (1)
aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]
.github/workflows/test-admin-deploy.yaml (6)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 → [Updates: v2.1.2]docker/setup-buildx-action v3 → [Updates: v3.12.0, v4.0.0, v3]aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]actions/github-script v6.4.1@d7906e4ad0b1822421a7e6a35d5ca353c962f410 → [Updates: v9.0.0]
.github/workflows/test-admin-remove.yaml (1)
aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 → [Updates: v4.3.1, v6.1.0]
.github/workflows/test.yaml (6)
actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 → [Updates: v4.3.1, v6.0.2]actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa → [Updates: v4.9.1, v6.2.0]actions/setup-node v4.2.0@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a → [Updates: v4.4.0, v6.3.0]actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 → [Updates: v4.3.0, v5.0.4]python 3.12 → [Updates: 3.14]node 20.x → [Updates: 24.x]
npm (2)
package.json (77)
@babel/plugin-proposal-class-properties ^7.14.5@cdssnc/sanitize-pii ^2.0.0@fortawesome/fontawesome-svg-core ^6.6.0 → [Updates: ^7.0.0]@fortawesome/free-solid-svg-icons ^6.6.0 → [Updates: ^7.0.0]@tiptap/extension-blockquote ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-bold ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-bullet-list ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-document ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-hard-break ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-heading ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-history ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-horizontal-rule ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-italic ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-link ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-list-item ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-ordered-list ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-paragraph ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-text ^3.15.3 → [Updates: ^3.15.3]@tiptap/extension-text-align ^3.15.3 → [Updates: ^3.15.3]@tiptap/pm ^3.15.3 → [Updates: ^3.15.3]@tiptap/react ^3.15.3 → [Updates: ^3.15.3]@tiptap/starter-kit ^3.15.3 → [Updates: ^3.15.3]accessible-autocomplete ^2.0.4 → [Updates: ^3.0.0]braces ^3.0.3dayjs ^1.11.13diff-dom 4.2.8 → [Updates: 5.2.1]form-data >=4.0.4govuk_frontend_toolkit 9.0.1hogan 1.0.2jquery ^3.6.0 → [Updates: ^4.0.0]jquery-migrate ^3.3.2 → [Updates: ^4.0.0]lucide-react ^0.577.0 → [Updates: ^1.0.0]moment ^2.29.4node-polyglot ^2.4.2prosemirror-markdown ^1.13.2query-command-supported 1.0.0react ^18.3.1 → [Updates: ^19.0.0]react-dom ^18.3.1 → [Updates: ^19.0.0]textarea-caret 3.1.0tiptap-markdown ^0.9.0@babel/core ^7.25.7@babel/preset-env ^7.25.7@babel/preset-react ^7.14.5@fullhuman/postcss-purgecss ^3.1.3 → [Updates: ^8.0.0]@testing-library/jest-dom ^6.5.0autoprefixer ^9.8.8 → [Updates: ^10.0.0]axe-cli 3.2.1babel-loader ^8.2.2 → [Updates: ^10.0.0]babel-plugin-syntax-dynamic-import ^6.18.0chromedriver ^135.0.0 → [Updates: ^147.0.0]css-loader ^3.6.0 → [Updates: ^7.0.0]cssnano ^5.0.0 → [Updates: ^7.0.0]file-loader ^6.2.0gulp 4.0.2 → [Updates: 5.0.1]gulp-add-src 1.0.0gulp-babel 8.0.0gulp-base64-inline 1.0.6gulp-clean-css ^4.3.0gulp-concat 2.6.1gulp-fa-minify ^6.0.1gulp-include 2.4.1gulp-jshint 2.1.0gulp-postcss ^9.0.0 → [Updates: ^10.0.0]gulp-prettyerror 2.0.0gulp-rename ^2.0.0gulp-uglify 3.0.2jest 29.7.0 → [Updates: 30.3.0]jest-environment-jsdom ^29.5.0 → [Updates: ^30.0.0]jshint 2.13.6mini-css-extract-plugin ^0.12.0 → [Updates: ^2.0.0]postcss-import ^12.0.1 → [Updates: ^16.0.0]postcss-loader ^4.3.0 → [Updates: ^8.0.0]style-loader ^1.3.0 → [Updates: ^4.0.0]tailwindcss 3.4.18 → [Updates: 3.4.19, 4.2.2]webpack ^5.57.1 → [Updates: ^5.57.1]webpack-cli ^4.8.0 → [Updates: ^7.0.0]node 20 → [Updates: 24]
tests_cypress/package.json (17)
cypress-recurse ^1.23.0form-data >=4.0.4html-validate ^8.7.1 → [Updates: ^10.0.0]imap-simple ^5.1.0jsrsasign ^11.0.0 → [Updates: ^11.0.0]mailparser ^3.7.1 → [Updates: ^3.7.1]nanoid ^5.0.4 → [Updates: ^5.0.4]nodemailer ^6.9.15 → [Updates: ^8.0.0]uuid ^11.1.0 → [Updates: ^13.0.0]axe-core ^4.7.2 → [Updates: ^4.7.2]cypress ^14.5.3 → [Updates: ^15.0.0]cypress-axe ^1.6.0cypress-html-validate ^7.1.0 → [Updates: ^8.0.0]cypress-real-events ^1.14.0mochawesome ^7.1.4mochawesome-merge ^5.1.0 → [Updates: ^5.1.0]mochawesome-report-generator ^6.3.2
poetry (1)
pyproject.toml (59)
poetry-core >=1.7.1python ~3.12.7 → [Updates: ~3.14.0]apig-wsgi 2.20.0aws-xray-sdk ^2.14.0 → [Updates: ^2.14.0]awscli-cwlogs ^1.4.6Babel 2.18.0blinker 1.9.0boto3 1.42.65 → [Updates: 1.42.88]certifi ^2024.0.0 → [Updates: ^2024.0.0, ^2026.0.0]debugpy ^1.8.12 → [Updates: ^1.8.12]email-validator 1.3.1 → [Updates: 2.3.0]environs 9.5.0 → [Updates: 15.0.1]Flask 2.3.3 → [Updates: 3.1.3]Flask-Babel 2.0.0 → [Updates: 4.0.0]Flask-Caching ^2.3.1 → [Updates: ^2.3.1]Flask-Login 0.6.3Flask-WTF 1.2.2gevent 23.9.1 → [Updates: 26.4.0]greenlet 3.3.2 → [Updates: 3.4.0]gunicorn 22.0.0 → [Updates: 25.3.0]itsdangerous 2.2.0notifications-python-client 6.4.1 → [Updates: 10.0.1]notifications-utils 53.2.22pwnedpasswords 2.0.0 → [Updates: 3.1.0]pyexcel 0.7.4pyexcel-io 0.6.7pyexcel-ods3 0.6.1pyexcel-xls 0.7.1pyexcel-xlsx 0.6.1python-dotenv 1.2.2pytz 2021.3 → [Updates: 2026.1.post1]PyYAML 6.0.3redis 3.5.3 → [Updates: 7.4.0]timeago 1.0.16translate-toolkit 3.19.3 → [Updates: 3.19.4]ua-parser 0.18.0 → [Updates: 1.0.2]unidecode ^1.3.8 → [Updates: ^1.3.8]user-agents 2.2.0validators ^0.35.0WTForms 3.2.1xlrd 1.2.0 → [Updates: 2.0.2]beautifulsoup4 4.14.3coveralls 1.11.1 → [Updates: 4.1.0]freezegun 1.5.5jinja2-cli ^0.8.2 → [Updates: ^1.0.0]monkeytype 23.3.0mypy 1.19.1 → [Updates: 1.20.0]poethepoet ^0.42.0 → [Updates: ^0.44.0]pre-commit ^3.7.1 → [Updates: ^4.0.0]pytest 8.4.2 → [Updates: 9.0.3]pytest-cov 2.12.1 → [Updates: 7.1.0]pytest-env 0.8.2 → [Updates: 1.6.0]pytest-mock 3.15.1pytest-xdist 2.5.0 → [Updates: 3.8.0]requests-mock 1.12.1ruff ^0.8.2 → [Updates: ^0.15.0]types-python-dateutil 2.9.0.20251115 → [Updates: 2.9.0.20260408]types-pytz 2021.3.8 → [Updates: 2026.1.1.20260408]types-requests 2.32.4.20250913 → [Updates: 2.33.0.20260408]
renovate-config-presets (1)
renovate.json
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Deprecations / Replacements
Warning
The following dependencies are either deprecated or have replacements available.
Pending Approval
The following branches are pending approval. To create them, click on a checkbox below.
actions/download-artifact,actions/upload-artifact)jest,jest-environment-jsdom)@fortawesome/fontawesome-svg-core,@fortawesome/free-solid-svg-icons)react,react-dom)PR Edited (Blocked)
The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
axe-core,boto3,debugpy,mochawesome-merge,nanoid,tailwindcss,translate-toolkit,types-python-dateutil)actions/cache,actions/checkout,actions/download-artifact,actions/setup-node,actions/setup-python,actions/upload-artifact,aws-actions/configure-aws-credentials,cds-snc/notification-pr-bot,cds-snc/notification-utils,cds-snc/security-tools,docker/setup-buildx-action,github/codeql-action,postgres,python,redis)aws-xray-sdk,certifi,greenlet,mypy,poethepoet,python,ruff,types-requests,unidecode)Detected Dependencies
devcontainer (1)
docker-compose (1)
dockerfile (4)
github-actions (15)
npm (2)
poetry (1)
renovate-config-presets (1)