Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Package lookup failures

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

• Update Helm release ccd to v9.2.1
• Update dependency @types/lodash to v4.17.7
• Update dependency com.fasterxml.jackson.datatype:jackson-datatype-joda to v2.17.2
• Update dependency node to v18.20.4
• Update dependency org.apache.pdfbox:pdfbox to v2.0.32
• Update dependency org.apache.tomcat.embed:tomcat-embed-core to v9.0.93
• Update dependency org.apache.tomcat.embed:tomcat-embed-websocket to v9.0.93
• Update dependency org.awaitility:awaitility to v4.2.2
• Update dependency org.pitest:pitest to v1.16.2
• Update dependency org.postgresql:postgresql to v42.7.4
• Update dependency org.projectlombok:lombok to v1.18.34
• Update dependency org.springframework.cloud:spring-cloud-starter-openfeign to v4.1.3
• Update plugin com.github.hmcts.rse-cft-lib to v0.19.1337
• Update plugin io.spring.dependency-management to v1.1.6
• Update spring security to v5.8.14 (org.springframework.security:spring-security-oauth2-core, org.springframework.security:spring-security-web, org.springframework.security:spring-security-crypto, org.springframework.security:spring-security-core, org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-oauth2-resource-server, org.springframework.security:spring-security-config)
• Update Terraform azuread to v2.53.1
• Update Terraform azurerm to v3.116.0
• Update babel monorepo (@babel/core, @babel/eslint-parser)
• Update dependency @axe-core/playwright to v4.10.0
• Update dependency @eslint/js to v9.9.1
• Update dependency ch.qos.logback:logback-classic to v1.5.7
• Update dependency com.fasterxml.jackson.core:jackson-databind to v2.17.2
• Update dependency hashicorp/terraform to v1.9.5
• Update dependency mocha to v10.7.3
• Update dependency org.yaml:snakeyaml to v2.3
• Update dependency qs to v6.13.0
• Update dependency typescript to v5.5.4
• Update dependency webdriverio to v8.40.5
• Update playwright monorepo to v1.46.1 (@playwright/test, playwright-core)
• Update plugin org.owasp.dependencycheck to v9.2.0
• Update Terraform azurerm to v4
• Update Yarn to v4
• Update dependency checkstyle to v10
• Update dependency dateformat to v5
• Update dependency eslint to v9
• Update dependency glob to v11
• Update dependency gradle to v8
• Update dependency husky to v9
• Update dependency io.github.openfeign:feign-core to v13
• Update dependency mochawesome to v7
• Update dependency node to v20
• Update dependency node-fetch to v3
• Update dependency node-gyp to v10
• Update dependency org.apache.pdfbox:pdfbox to v3
• Update dependency org.apache.tomcat.embed:tomcat-embed-core to v10
• Update dependency org.apache.tomcat.embed:tomcat-embed-websocket to v10
• Update dependency org.flywaydb:flyway-core to v10
• Update dependency org.springframework.cloud:spring-cloud-dependencies to v2023
• Update dependency uk.gov.service.notify:notifications-java-client to v5
• Update dependency webdriverio to v9
• Update dependency yargs-parser to v21
• Update hmctspublic.azurecr.io/base/java Docker tag to v21
• Update mockito monorepo to v5 (major) (org.mockito:mockito-inline, org.mockito:mockito-junit-jupiter, org.mockito:mockito-core)
• Update plugin org.owasp.dependencycheck to v10
• Update plugin org.sonarqube to v5
• Update spring boot to v3 (major) (org.springframework.boot:spring-boot-starter-logging, org.springframework.boot)
• Update spring security to v6 (major) (org.springframework.security:spring-security-oauth2-core, org.springframework.security:spring-security-web, org.springframework.security:spring-security-crypto, org.springframework.security:spring-security-core, org.springframework.security:spring-security-oauth2-jose, org.springframework.security:spring-security-oauth2-resource-server, org.springframework.security:spring-security-config)
• Update versions.serenity to v4 (major) (net.serenity-bdd:serenity-spring, net.serenity-bdd:serenity-rest-assured, net.serenity-bdd:serenity-junit, net.serenity-bdd:serenity-core)
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package uk.gov.hmcts.reform:logging, Failed to look up maven package uk.gov.hmcts.reform:logging-appinsights, Failed to look up maven package uk.gov.hmcts.reform:idam-client, Failed to look up maven package uk.gov.hmcts.reform:document-management-client, Failed to look up maven package uk.gov.hmcts.reform:core-case-data-store-client, Failed to look up maven package uk.gov.hmcts.reform:service-auth-provider-client, Failed to look up maven package uk.gov.hmcts.reform.auth:auth-checker-lib, Failed to look up maven package com.github.hmcts:send-letter-client, Failed to look up maven package com.github.hmcts:ccd-case-document-am-client, Failed to look up maven package com.github.hmcts:fortify-client.

Files affected: service/build.gradle

---

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• Update dependency axios to v1.7.4 [SECURITY]
• Update Yarn to v3.8.5
• Update dependency codeceptjs to v3.6.5
• Update dependency debug to v4.3.6
• Update versions.pact_version (au.com.dius.pact.consumer:java8, au.com.dius.pact.consumer:junit5)
• Update dependency @types/node to v20.16.3
• Update dependency au.com.dius.pact.provider:gradle to v4.6.14
• Update dependency ch.qos.logback:logback-core to v1.5.7
• Update dependency uk.gov.service.notify:notifications-java-client to v3.19.2-RELEASE
• Update junit5 monorepo (org.junit.platform:junit-platform-commons, org.junit.jupiter:junit-jupiter-engine, org.junit.jupiter:junit-jupiter-api)
• Update dependency com.google.guava:guava to v33
• Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• Update Helm release java to v5.2.1
• Update actions/labeler action to v5
• Update dependency com.launchdarkly:launchdarkly-java-server-sdk to v7

Detected dependencies

docker-compose

docker-compose.yml

dockerfile

Dockerfile

• hmctspublic.azurecr.io/base/java 17-distroless

github-actions

.github/workflows/label.yml

• actions/checkout v4
• actions/labeler v4

gradle

settings.gradle

build.gradle

• org.owasp.dependencycheck 9.1.0

service/gradle.properties

service/build.gradle

• net.serenity-bdd:serenity-gradle-plugin 2.4.34
• au.com.dius.pact.provider:gradle 4.1.41
• io.spring.dependency-management 1.1.5
• org.springframework.boot 2.7.18
• com.github.ben-manes.versions 0.51.0
• org.sonarqube 3.5.0.2730
• info.solidsoft.pitest 1.15.0
• com.github.hmcts.rse-cft-lib 0.19.1285
• checkstyle 8.45.1
• org.projectlombok:lombok 1.18.32
• org.springframework.security:spring-security-config 5.8.12
• org.springframework.security:spring-security-oauth2-resource-server 5.8.12
• org.springframework.security:spring-security-oauth2-jose 5.8.12
• org.springframework.security:spring-security-core 5.8.12
• org.springframework.security:spring-security-crypto 5.8.12
• org.springframework.security:spring-security-web 5.8.12
• org.springframework.security:spring-security-oauth2-core 5.8.12
• org.springframework.boot:spring-boot-starter-logging 2.7.18
• org.springframework.cloud:spring-cloud-starter-netflix-hystrix 2.2.10.RELEASE
• org.apache.logging.log4j:log4j-api 2.23.1
• org.apache.logging.log4j:log4j-to-slf4j 2.23.1
• org.apache.pdfbox:pdfbox 2.0.31
• org.bitbucket.b_c:jose4j 0.9.6
• ch.qos.logback:logback-classic 1.2.13
• ch.qos.logback:logback-core 1.2.13
• org.apache.commons:commons-text 1.12.0
• org.apache.commons:commons-csv 1.11.0
• com.github.ben-manes.caffeine:caffeine 3.1.8
• com.launchdarkly:launchdarkly-java-server-sdk 5.10.9
• io.github.openfeign:feign-core 11.10
• org.yaml:snakeyaml 2.2
• org.postgresql:postgresql 42.7.3
• org.flywaydb:flyway-core 8.5.13
• uk.gov.hmcts.reform:logging 5.1.7
• uk.gov.hmcts.reform:logging-appinsights 5.1.7
• commons-fileupload:commons-fileupload 1.5
• uk.gov.hmcts.reform:idam-client 2.0.0
• uk.gov.hmcts.reform:document-management-client 7.0.0
• uk.gov.hmcts.reform:core-case-data-store-client 4.7.6
• uk.gov.hmcts.reform:service-auth-provider-client 4.0.0
• uk.gov.hmcts.reform.auth:auth-checker-lib 2.1.4
• com.github.hmcts:send-letter-client 3.0.16
• uk.gov.service.notify:notifications-java-client 3.17.3-RELEASE
• org.apache.tomcat.embed:tomcat-embed-websocket 9.0.89
• org.apache.tomcat.embed:tomcat-embed-core 9.0.89
• com.github.hmcts:ccd-case-document-am-client 1.7.3
• com.google.guava:guava 32.1.3-jre
• commons-io:commons-io 2.16.1
• javax.xml.bind:jaxb-api 2.3.1
• com.fasterxml.jackson.datatype:jackson-datatype-joda 2.17.1
• net.minidev:json-smart 2.5.1
• org.pitest:pitest 1.16.1
• info.solidsoft.gradle.pitest:gradle-pitest-plugin 1.15.0
• org.pitest:pitest-junit5-plugin 1.2.1
• org.apache.commons:commons-text 1.12.0
• org.awaitility:awaitility 4.2.1
• org.mockito:mockito-core 4.11.0
• org.mockito:mockito-junit-jupiter 4.11.0
• org.mockito:mockito-inline 4.11.0
• com.github.hmcts:fortify-client 1.2.0
• net.serenity-bdd:serenity-core 2.6.0
• net.serenity-bdd:serenity-junit 2.6.0
• net.serenity-bdd:serenity-rest-assured 2.6.0
• net.serenity-bdd:serenity-spring 2.6.0
• au.com.dius.pact.consumer:junit5 4.1.7
• au.com.dius.pact.consumer:java8 4.1.7
• org.junit.jupiter:junit-jupiter-api 5.7.1
• org.junit.jupiter:junit-jupiter-engine 5.7.1
• org.junit.platform:junit-platform-commons 1.8.2
• com.fasterxml.jackson.core:jackson-databind 2.13.5
• org.springframework.cloud:spring-cloud-starter-openfeign 4.1.1
• org.springframework.cloud:spring-cloud-netflix-ribbon 2.2.10.RELEASE
• com.netflix.ribbon:ribbon-core 2.7.18
• uk.gov.hmcts.reform:core-case-data-store-client 4.7.6
• com.google.guava:guava 30.1.1-jre
• org.springframework.cloud:spring-cloud-dependencies 2021.0.9

gradle-wrapper

gradle/wrapper/gradle-wrapper.properties

• gradle 7.6.4

helm-values

charts/fpl-case-service/values.yaml

helmv3

charts/fpl-case-service/Chart.yaml

• java 5.2.0
• ccd 9.2.0
• xui-webapp ~1.0.12
• xui-mo-webapp ~1.1.0
• idam-pr 2.3.0
• aac-manage-case-assignment ~0.2.16
• ccd-case-document-am-api 1.7.14
• postgresql 1.0.2

npm

package.json

• @axe-core/playwright ^4.8.5
• @types/lodash ^4.14.202
• dotenv ^16.4.1
• @babel/core ^7.11.0
• @babel/eslint-parser ^7.17.0
• @eslint/js ^9.0.0
• @playwright/test ^1.43.1
• @types/node ^20.10.7
• @types/qs ^6.9.11
• axios ^1.6.7
• codeceptjs 3.6.2
• dateformat ^4.6.3
• debug 4.3.4
• eslint ^8.0.0
• eslint-plugin-codeceptjs ^1.3.0
• glob ^7.2.3
• html_codesniffer ^2.5.1
• husky ^7.0.4
• interpolate-json ^3.0.0
• lodash ^4.17.21
• mocha ^10.2.0
• mocha-junit-reporter ^2.2.0
• mocha-multi ^1.1.7
• mochawesome ^6.3.1
• moment 2.30.1
• node-fetch ^2.6.9
• node-gyp ^9.4.0
• playwright-core ^1.43.1
• qs ^6.11.2
• typescript ^5.4.5
• webdriverio 8.36.1
• debug 4.3.4
• mocha-junit-reporter ^2.2.0
• mocha-multi ^1.1.7
• mochawesome ^6.3.1
• node >=18.0.0
• yargs-parser ^20.2.9
• yarn 3.8.2

nvm

.nvmrc

• node 18.20.3

terraform

infrastructure/alerts.tf

• fpl-action-group undefined
• fpl-exceptions-alert undefined
• fpl-health-failure-alert undefined
• fpl-performance-alert undefined
• fpl-summary-tab-job-alert undefined
• fpl-upcoming-hearings-job-alert undefined

infrastructure/main.tf

• azuread 2.50.0
• azurerm 3.105.0

terraform-version

.terraform-version

• hashicorp/terraform 1.8.4

infrastructure/.terraform-version

• hashicorp/terraform 1.8.4

---

• Check this box to trigger a request for Renovate to run again on this repository