Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

• Update gcr.io/distroless/static Docker digest to 95ea148
• Update returntocorp/semgrep-action digest to 713efdd
• Update reviewdog/action-golangci-lint digest to f9bba13
• Update actions/checkout action to v4
• Update actions/setup-go action to v5
• Update docker/login-action action to v3
• Update github/codeql-action action to v3
• Update goreleaser/goreleaser-action action to v6
• Update module github.com/sethvargo/go-envconfig to v1
• Update peter-evans/create-pull-request action to v7
• 🔐 Create all rate-limited PRs at once 🔐

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

• Update sigstore/cosign-installer digest
• Update all non-major dependencies (actions/checkout, anchore/sbom-action, dev-drprasad/delete-tag-and-release, docker/login-action, github.com/fatih/color, github.com/go-logr/logr, github.com/gruntwork-io/terratest, github.com/sethvargo/go-envconfig, github.com/stretchr/testify, go.opentelemetry.io/contrib/propagators/aws, go.opentelemetry.io/otel, go.opentelemetry.io/otel/exporters/otlp/otlptrace, go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp, go.opentelemetry.io/otel/sdk, go.opentelemetry.io/otel/trace, go.uber.org/zap, jaegertracing/all-in-one, k8s.io/api, k8s.io/apiextensions-apiserver, k8s.io/apimachinery, k8s.io/client-go, mathieudutour/github-tag-action, otel/opentelemetry-collector, philips-labs/slsa-provenance-action, sigs.k8s.io/controller-runtime, step-security/harden-runner)

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package dev-drprasad/delete-tag-and-release), Could not determine new digest for update (github-tags package dave-mcconnell/helm-gh-pages-microservices).

Files affected: .github/workflows/cut_release.yaml, .github/workflows/helm_publish.yaml

---

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Update docker.io/golang Docker digest to 52ff1b3
• Update github/codeql-action digest to b8d3b6e
• Update goreleaser/goreleaser-action digest to 5fdedb9
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• Update sigstore/cosign-installer action to v3

Detected dependencies

dockerfile

Dockerfile

• gcr.io/distroless/static sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

Dockerfile.multistage

• docker.io/golang sha256:2b1cbf278ce05a2a310a3d695ebb176420117a8cfcfcc4e5e68a1bef5f6354da
• gcr.io/distroless/static sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac

github-actions

.github/workflows/check_values_schema.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• ubuntu 24.04

.github/workflows/ci.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• reviewdog/action-golangci-lint v2@94d61e3205b61acf4ddabfeb13c5f8a13eb4167b
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• actions/setup-go v4@93397bea11091df50f3d7e59dc26a7711a8bcfbe
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• actions/setup-go v4@93397bea11091df50f3d7e59dc26a7711a8bcfbe
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/codeql.yaml

• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• github/codeql-action v2@a073c66b2accf653a511d88537804dcafa07812e
• github/codeql-action v2@a073c66b2accf653a511d88537804dcafa07812e
• github/codeql-action v2@a073c66b2accf653a511d88537804dcafa07812e

.github/workflows/cut_release.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• mathieudutour/github-tag-action v6.1@fcfbdceb3093f6d85a3b194740f8c6cec632f4e2
• dev-drprasad/delete-tag-and-release v0.2.0@085c6969f18bad0de1b9f3fe6692a3cd01f64fe5
• ubuntu 24.04

.github/workflows/helm_docs.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• jnorwood/helm-docs sha256:7e562b49ab6b1dbc50c3da8f2dd6ffa8a5c6bba327b1c6335cc15ce29267979c
• peter-evans/create-pull-request v5@4e1beaa7521e8b457b572c090b25bd3db56bf1c5

.github/workflows/helm_publish.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• dave-mcconnell/helm-gh-pages-microservices v1.5.0@8478af5f0fd712cc0fb59f2c99e0688f3f591287
• benc-uk/workflow-dispatch v1@e2e5e9a103e331dad343f381a29e654aea3cf8fc
• ubuntu 24.04

.github/workflows/krew_pr.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• peter-evans/create-pull-request v5@4e1beaa7521e8b457b572c090b25bd3db56bf1c5
• ubuntu 24.04

.github/workflows/olm_pr.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• peter-evans/create-pull-request v5@4e1beaa7521e8b457b572c090b25bd3db56bf1c5
• ubuntu 24.04

.github/workflows/release-kubectl-plugin.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• peter-evans/create-pull-request v5@4e1beaa7521e8b457b572c090b25bd3db56bf1c5
• ubuntu 24.04

.github/workflows/release.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• actions/setup-go v4@93397bea11091df50f3d7e59dc26a7711a8bcfbe
• sigstore/cosign-installer 4079ad3567a89f68395480299c77e40170430341
• anchore/sbom-action v0.13.1@06e109483e6aa305a2b2395eabae554e51530e1d
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• goreleaser/goreleaser-action v4@8f67e590f2d095516493f017008adc464e63adb1
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• sigstore/cosign-installer v2.8.1@9becc617647dfa20ae7b1151972e9b3a2c338a2b
• anchore/sbom-action v0.13.1@06e109483e6aa305a2b2395eabae554e51530e1d
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• philips-labs/slsa-provenance-action v0.8.0@752766b8a3b1ebd09d599e163eeec8fa39e677aa
• sigstore/cosign-installer v2.8.1@9becc617647dfa20ae7b1151972e9b3a2c338a2b
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• sigstore/cosign-installer v2.8.1@9becc617647dfa20ae7b1151972e9b3a2c338a2b
• philips-labs/slsa-provenance-action v0.8.0@752766b8a3b1ebd09d599e163eeec8fa39e677aa
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• docker/login-action v2.1.0@f4ef78c080cd8ba55a85445d5b36e214a81df20a
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/semgrep.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• returntocorp/semgrep-action v1@316a1751c53ffb6689b8726910e8204ffb591b4f
• github/codeql-action v2@a073c66b2accf653a511d88537804dcafa07812e

.github/workflows/sync_gh-pages.yaml

• step-security/harden-runner v2.0.0@ebacdc22ef6c2cfb85ee5ded8f2e640f4c776dd5
• actions/checkout v3.1.0@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
• EndBug/add-and-commit v9@a94899bca583c204427a224a7af87c02f9b325d5
• ubuntu 24.04

gomod

e2e-test/go.mod

• go 1.19
• github.com/franela/goblin v0.0.0-20211003143422-0a4f594942bf@0a4f594942bf
• github.com/gruntwork-io/terratest v0.41.4
• github.com/jkremser/log2rbac-operator v0.0.5
• k8s.io/api v0.25.4
• k8s.io/apiextensions-apiserver v0.25.4
• k8s.io/apimachinery v0.25.4
• k8s.io/client-go v0.25.4

go.mod

• go 1.19
• github.com/fatih/color v1.13.0
• github.com/go-logr/logr v1.2.3
• github.com/sethvargo/go-envconfig v0.8.3
• github.com/stretchr/testify v1.8.1
• go.opentelemetry.io/contrib/propagators v0.22.0
• go.opentelemetry.io/contrib/propagators/aws v1.12.0
• go.opentelemetry.io/otel v1.11.2
• go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.11.2
• go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.11.2
• go.opentelemetry.io/otel/sdk v1.11.2
• go.opentelemetry.io/otel/trace v1.11.2
• go.uber.org/zap v1.24.0
• k8s.io/api v0.25.4
• k8s.io/apimachinery v0.25.4
• k8s.io/client-go v0.25.4
• sigs.k8s.io/controller-runtime v0.13.1

helm-values

helm-chart/log2rbac-operator/values.yaml

• otel/opentelemetry-collector 0.66.0
• jaegertracing/all-in-one 1.39.0

kustomize

config/manager/kustomization.yaml

---

• Check this box to trigger a request for Renovate to run again on this repository