Skip to content

Dependency DashboardΒ #1604

Open
Open
Dependency Dashboard#1604
@renovate

Description

@renovate
renovate
bot
opened on Sep 23, 2022

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

  • chore(deps): update actions/cache action to v5
  • chore(deps): update actions/checkout action to v6
  • chore(deps): update actions/setup-python action to v6
  • chore(deps): update aws-actions/amazon-ecr-login action to v2
  • chore(deps): update aws-actions/configure-aws-credentials action to v6
  • chore(deps): update cds-snc/security-tools action to v4
  • chore(deps): update dependency coveralls to v4
  • chore(deps): update dependency gprof2dot to v2025
  • chore(deps): update dependency html-validate to v10
  • chore(deps): update dependency jinja2-cli to v1
  • chore(deps): update dependency moto to v5
  • chore(deps): update dependency networkx to v3
  • chore(deps): update dependency pytest-cov to v7
  • chore(deps): update dependency pytest-env to v1
  • chore(deps): update dependency pytest-xdist to v3
  • chore(deps): update dependency types-mock to v5
  • chore(deps): update dependency types-pytz to v2026
  • chore(deps): update docker/setup-buildx-action action to v4
  • chore(deps): update dorny/paths-filter action to v4
  • chore(deps): update getsentry/action-github-app-token action to v4
  • chore(deps): update github artifact actions (major) (actions/download-artifact, actions/upload-artifact)
  • chore(deps): update github/codeql-action action to v4
  • chore(deps): update postgres docker tag to v18
  • chore(deps): update redis docker tag to v7
  • fix(deps): update dependency aws-embedded-metrics to v3
  • fix(deps): update dependency certifi to v2026
  • fix(deps): update dependency environs to v15
  • fix(deps): update dependency flask-marshmallow to v1
  • fix(deps): update dependency flask-migrate to v4
  • fix(deps): update dependency gevent to v26
  • fix(deps): update dependency gunicorn to v25
  • fix(deps): update dependency jsonschema to v4
  • fix(deps): update dependency markupsafe to v3
  • fix(deps): update dependency marshmallow-sqlalchemy to v1
  • fix(deps): update dependency more-itertools to v11
  • fix(deps): update dependency notifications-python-client to v10
  • fix(deps): update dependency pre-commit to v4
  • fix(deps): update dependency pwnedpasswords to v3
  • fix(deps): update dependency pytz to v2026
  • fix(deps): update dependency sqlalchemy to v2 (SQLAlchemy, sqlalchemy)
  • fix(deps): update dependency tldextract to v5
  • πŸ” Create all pending approval PRs at once πŸ”

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

  • chore(deps): update all non-major github action dependencies (actions/cache, actions/checkout, actions/download-artifact, actions/setup-python, actions/upload-artifact, aws-actions/configure-aws-credentials, cds-snc/notification-pr-bot, cds-snc/notification-utils, cds-snc/security-tools, docker/setup-buildx-action, dorny/paths-filter, github/codeql-action, postgres, python)
  • fix(deps): update all minor dependencies (apig-wsgi, aws-xray-sdk, cachelib, celery, click-datetime, cypress, flask-marshmallow, greenlet, idna, locust, mypy, postgres, pytest-mock, python, ruff, types-requests, typing-extensions, unidecode)
  • πŸ” Create all rate-limited PRs at once πŸ”

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

Detected Dependencies

devcontainer (1)
.devcontainer/devcontainer.json (1)
  • ghcr.io/devcontainers/features/node 1
docker-compose (1)
.devcontainer/docker-compose.yml (2)
  • postgres 16.11-bookworm@sha256:a2420e9555e2224583fe84d0bb3f0b967e69354ae3a0be55a9c14e251388c4eb β†’ [Updates: 16.12-bookworm, 18.2-bookworm]
  • redis 6.2@sha256:7919fdd5300e7abf7ae95919e6f144b37c55df16553302dbbcc7495a5aa0c079 β†’ [Updates: 7.0, 6.2]
dockerfile (5)
.devcontainer/Dockerfile (1)
  • mcr.microsoft.com/vscode/devcontainers/python 3.12-bookworm β†’ [Updates: 3.14-bookworm]
ci/Dockerfile (1)
  • python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 β†’ [Updates: 3.12-alpine3.20]
ci/Dockerfile.lambda (1)
  • python 3.12-slim@sha256:31a416db24bd8ade7dac5fd5999ba6c234d7fa79d4add8781e95f41b187f4c9a β†’ [Updates: 3.12-slim]
ci/Dockerfile.test (1)
  • python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 β†’ [Updates: 3.12-alpine3.20]
tests_nightly_performance/Dockerfile (1)
  • python 3.12-alpine3.20@sha256:5049c050bdc68575a10bcb1885baa0689b6c15152d8a56a7e399fb49f783bf98 β†’ [Updates: 3.12-alpine3.20]
github-actions (15)
.github/workflows/build_and_push_performance_test.yml (5)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • dorny/paths-filter v2.12.0@7267a8516b6f92bdb098633497bad573efdbf271 β†’ [Updates: v4.0.1]
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 β†’ [Updates: v4.3.1, v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
.github/workflows/codeql.yml (4)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 β†’ [Updates: v2.28.1, v4.35.2]
  • github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 β†’ [Updates: v2.28.1, v4.35.2]
  • github/codeql-action v2.24.10@ffd3158cb9024ebd018dbf20756f28befbd168c7 β†’ [Updates: v2.28.1, v4.35.2]
.github/workflows/dev_branch_build_push_images.yml (2)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • actions/upload-artifact v4 β†’ [Updates: v4.6.2, v7.0.1, v4]
.github/workflows/docker-vulnerability-scan.yml (6)
  • aws-actions/configure-aws-credentials v2.2.0@5fd3084fc36e372ff1fff382a39b10d03659f355 β†’ [Updates: v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
  • cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f β†’ [Updates: v3.2.1, v4.0.3]
  • aws-actions/configure-aws-credentials v2.2.0@5fd3084fc36e372ff1fff382a39b10d03659f355 β†’ [Updates: v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
  • cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f β†’ [Updates: v3.2.1, v4.0.3]
.github/workflows/docker.yaml (7)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • aws-actions/configure-aws-credentials master β†’ [Updates: master]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
  • aws-actions/configure-aws-credentials v2.2.0@5fd3084fc36e372ff1fff382a39b10d03659f355 β†’ [Updates: v6.1.0]
  • getsentry/action-github-app-token v1.0.6@38a3ce582e170ddfe8789f509597c6944f2292a9 β†’ [Updates: v4.0.0]
  • cds-snc/notification-pr-bot main β†’ [Updates: main]
  • cds-snc/security-tools v4.0.1@12a0cdea1c5a515dfcbe353693db804a1793c0ed β†’ [Updates: v4.0.3]
.github/workflows/lambda_production.yml (5)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 β†’ [Updates: v4.3.1, v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
  • docker/setup-buildx-action v3 β†’ [Updates: v3.12.0, v4.0.0, v3]
  • cds-snc/security-tools v4.0.1@12a0cdea1c5a515dfcbe353693db804a1793c0ed β†’ [Updates: v4.0.3]
.github/workflows/lambda_staging.yml (4)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 β†’ [Updates: v4.3.1, v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
  • docker/setup-buildx-action v3 β†’ [Updates: v3.12.0, v4.0.0, v3]
.github/workflows/performance.yml (4)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa β†’ [Updates: v4.9.1, v6.2.0]
  • actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 β†’ [Updates: v4.3.0, v5.0.5]
  • python 3.12 β†’ [Updates: 3.14]
.github/workflows/pr_docker_build_test.yml (2)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • docker/setup-buildx-action v3 β†’ [Updates: v3.12.0, v4.0.0, v3]
.github/workflows/renovate-agent.yml (5)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa β†’ [Updates: v4.9.1, v6.2.0]
  • actions/upload-artifact v4.6.0@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 β†’ [Updates: v4.6.2, v7.0.1]
  • postgres 16.11-bookworm@sha256:a2420e9555e2224583fe84d0bb3f0b967e69354ae3a0be55a9c14e251388c4eb β†’ [Updates: 16.12-bookworm, 18.2-bookworm]
  • python 3.12 β†’ [Updates: 3.14]
.github/workflows/reusable_push_ecr.yml (3)
  • actions/download-artifact v4 β†’ [Updates: v4.3.0, v8.0.1, v4]
  • aws-actions/configure-aws-credentials v4.1.0@ececac1a45f3b08a01d2dd070d28d111c5fe6722 β†’ [Updates: v4.3.1, v6.1.0]
  • aws-actions/amazon-ecr-login v1.7.1@5a88a04c91d5c6f97aae0d9be790e64d9b1d47b7 β†’ [Updates: v2.1.3]
.github/workflows/secret.yaml (2)
  • actions/checkout main β†’ [Updates: main]
  • cdssnc/seekret-github-action sha256:0aee6df949373ef6df26d35f6207b56f897ddd1caa030646d7421b0afb717665
.github/workflows/shellcheck.yml (1)
  • actions/checkout v2.7.0@ee0669bd1cc54295c223e0bb666b733df41de1c5 β†’ [Updates: v6.0.2]
.github/workflows/test_production_ff.yaml (7)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • dorny/paths-filter v3 β†’ [Updates: v3.0.3, v4.0.1, v3]
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa β†’ [Updates: v4.9.1, v6.2.0]
  • actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 β†’ [Updates: v4.3.0, v5.0.5]
  • postgres 16.11-bookworm@sha256:a2420e9555e2224583fe84d0bb3f0b967e69354ae3a0be55a9c14e251388c4eb β†’ [Updates: 16.12-bookworm, 18.2-bookworm]
  • python 3.12 β†’ [Updates: 3.14]
.github/workflows/test.yaml (9)
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • dorny/paths-filter v3 β†’ [Updates: v3.0.3, v4.0.1, v3]
  • actions/checkout v4.1.1@b4ffde65f46336ab88eb53be808477a3936bae11 β†’ [Updates: v4.3.1, v6.0.2]
  • actions/setup-python v4.8.0@b64ffcaf5b410884ad320a9cfac8866006a109aa β†’ [Updates: v4.9.1, v6.2.0]
  • actions/cache v4.2.0@1bd1e32a3bdc45362d1e726936510720a7c30a57 β†’ [Updates: v4.3.0, v5.0.5]
  • actions/upload-artifact v4.6.0@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 β†’ [Updates: v4.6.2, v7.0.1]
  • cds-snc/notification-utils 53.2.21 β†’ [Updates: 53.2.21]
  • postgres 16.11-bookworm@sha256:a2420e9555e2224583fe84d0bb3f0b967e69354ae3a0be55a9c14e251388c4eb β†’ [Updates: 16.12-bookworm, 18.2-bookworm]
  • python 3.12 β†’ [Updates: 3.14]
npm (1)
tests_cypress/package.json (11)
  • cypress-axe ^1.4.0
  • cypress-html-validate ^8.1.0
  • cypress-recurse ^1.23.0
  • imap-simple ^5.1.0
  • jsonwebtoken ^9.0.0 β†’ [Updates: ^9.0.0]
  • mailparser ^3.5.0 β†’ [Updates: ^3.5.0]
  • nodemailer ^6.9.2 β†’ [Updates: ^8.0.0]
  • form-data >=4.0.4
  • axe-core ^4.10.0 β†’ [Updates: ^4.10.0]
  • cypress ^15.12.0 β†’ [Updates: ^15.12.0]
  • html-validate ^8.10.0 β†’ [Updates: ^10.0.0]
pip_requirements (1)
tests-simulate-prod-data/requirements.txt (5)
  • click ==8.3.1 β†’ [Updates: ==8.3.2]
  • python-dateutil ==2.9.0.post0
  • python-dotenv ==1.0.1 β†’ [Updates: ==1.2.2]
  • sqlalchemy ==1.4.54 β†’ [Updates: ==2.0.49]
  • psycopg2-binary ==2.9.11 β†’ [Updates: ==2.9.12]
poetry (1)
pyproject.toml (80)
  • poetry-core >=1.7.1
  • python ~3.12.7 β†’ [Updates: ~3.14.0]
  • apig-wsgi 2.18.0 β†’ [Updates: 2.20.0]
  • aws-embedded-metrics 1.0.8 β†’ [Updates: 3.5.0]
  • aws-xray-sdk 2.14.0 β†’ [Updates: 2.15.0]
  • awscli-cwlogs 1.4.6
  • boto 2.49.0
  • cachelib 0.12.0 β†’ [Updates: 0.13.0]
  • celery 5.4.0 β†’ [Updates: 5.6.3]
  • certifi ^2024.0.0 β†’ [Updates: ^2026.0.0]
  • cffi 2.0.0
  • click-datetime 0.2 β†’ [Updates: 0.4.0]
  • docopt 0.6.2
  • environs 9.5.0 β†’ [Updates: 15.0.1]
  • fido2 ^2.2.0
  • Flask 2.3.3 β†’ [Updates: 3.1.3]
  • Flask-Bcrypt 1.0.1
  • flask-marshmallow 0.14.0 β†’ [Updates: 0.15.0, 1.5.0]
  • Flask-Migrate 2.7.0 β†’ [Updates: 4.1.0]
  • Flask-SQLAlchemy 500e732dd1b975a56ab06a46bd1a20a21e682262 β†’ [Updates: undefined]
  • gevent 23.9.1 β†’ [Updates: 26.4.0]
  • greenlet 3.1.1 β†’ [Updates: 3.4.0]
  • gunicorn 23.0.0 β†’ [Updates: 25.3.0]
  • idna 3.7 β†’ [Updates: 3.11]
  • iso8601 2.1.0
  • urllib3 >=2.6.3,<3
  • itsdangerous 2.2.0
  • jsonschema 3.2.0 β†’ [Updates: 4.26.0]
  • MarkupSafe 2.1.5 β†’ [Updates: 3.0.3]
  • marshmallow 3.22.0 β†’ [Updates: 3.26.2]
  • marshmallow-sqlalchemy 0.30.0 β†’ [Updates: 1.5.0]
  • more-itertools 8.14.0 β†’ [Updates: 11.0.2]
  • nanoid 2.0.0
  • notifications-python-client 6.4.1 β†’ [Updates: 10.0.1]
  • opentelemetry-instrumentation-celery 0.55b1
  • opentelemetry-instrumentation-flask 0.55b1
  • opentelemetry-instrumentation-redis 0.55b1
  • opentelemetry-instrumentation-sqlalchemy 0.55b1
  • pre-commit ^3.7.1 β†’ [Updates: ^4.0.0]
  • psycopg2-binary 2.9.11 β†’ [Updates: 2.9.12]
  • pwnedpasswords 2.0.0 β†’ [Updates: 3.1.0]
  • pyairtable ^3.3.0
  • PyJWT 2.12.0 β†’ [Updates: 2.12.1]
  • python-dotenv 1.0.1 β†’ [Updates: 1.2.2]
  • python-magic 0.4.27
  • pytz 2021.3 β†’ [Updates: 2026.1.post1]
  • PyYAML 6.0.3
  • simple-salesforce ^1.12.3
  • SQLAlchemy 1.4.54 β†’ [Updates: 2.0.49]
  • tldextract 3.5.0 β†’ [Updates: 5.3.1]
  • typing-extensions 4.12.2 β†’ [Updates: 4.15.0]
  • unidecode 1.3.8 β†’ [Updates: 1.4.0]
  • Werkzeug 3.0.6 β†’ [Updates: 3.1.6]
  • coveralls 3.3.1 β†’ [Updates: 4.1.0]
  • freezegun 1.5.5
  • gprof2dot 2024.6.6 β†’ [Updates: 2025.4.14]
  • jinja2-cli 0.8.2 β†’ [Updates: 1.0.1]
  • locust 2.31.3 β†’ [Updates: 2.43.4]
  • moto 4.2.14 β†’ [Updates: 5.1.22]
  • mypy 1.5 β†’ [Updates: 1.20.1]
  • networkx 2.8.8 β†’ [Updates: 3.6.1]
  • pytest 7.4.4 β†’ [Updates: 9.0.3]
  • pytest-cov 3.0.0 β†’ [Updates: 7.1.0]
  • pytest-env 0.8.2 β†’ [Updates: 1.6.0]
  • pytest-mock 3.14.0 β†’ [Updates: 3.15.1]
  • pytest-mock-resources 2.12.4
  • pytest-xdist 2.5.0 β†’ [Updates: 3.8.0]
  • requests-mock 1.12.1
  • rfc3987 1.3.8
  • ruff ^0.8.2 β†’ [Updates: ^0.15.0]
  • snakeviz 2.2.2
  • sqlalchemy2-stubs 0.0.2a38
  • strict-rfc3339 0.7
  • tornado >=6.5
  • types-boto 2.49.18.20241019
  • types-mock 4.0.15.2 β†’ [Updates: 5.2.0.20260408]
  • types-python-dateutil 2.9.0.20251115 β†’ [Updates: 2.9.0.20260408]
  • types-pytz 2022.7.1.2 β†’ [Updates: 2026.1.1.20260408]
  • types-redis 4.6.0.20241004
  • types-requests 2.32.4.20250913 β†’ [Updates: 2.33.0.20260408]
renovate-config-presets (1)
renovate.json
  • Check this box to trigger a request for Renovate to run again on this repository

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions