Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

See Config Migration PR: #138.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (4)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
github-actions	gradle/gradle-build-action	2024-07-15

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Pin dependencies (K-Phoen/semver-release-action, actions/attest-build-provenance, actions/checkout, actions/github-script, actions/setup-java, actions/upload-artifact, actions/upload-release-asset, dorny/test-reporter, gradle/gradle-build-action, release-drafter/release-drafter)
• Update actions/attest-build-provenance action to v4
• Update actions/checkout action to v6
• Update actions/github-script action to v9
• Update actions/setup-java action to v5
• Update actions/upload-artifact action to v7
• Update dependency com.expediagroup:graphql-kotlin-spring-client to v9
• Update dependency com.github.ben-manes.caffeine:caffeine to v3
• Update dependency com.ninja-squad:springmockk to v5
• Update dependency org.springframework.cloud:spring-cloud-starter-openfeign to v5
• Update docker/build-push-action action to v7
• Update docker/login-action action to v4
• Update docker/metadata-action action to v6
• Update dorny/test-reporter action to v3
• Update eclipse-temurin Docker tag to v25
• Update Gradle to v9
• Update gradle/gradle-build-action action to v3
• Update plugin com.expediagroup.graphql to v9
• Update plugin org.springframework.boot to v4
• Update release-drafter/release-drafter action to v7
• Lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update all dependencies (docker/login-action, docker/metadata-action, eclipse-temurin, gradle, io.netty:netty-resolver-dns-native-macos, com.fasterxml.jackson.core:jackson-annotations, org.springframework.cloud:spring-cloud-starter-openfeign, org.springframework.cloud:spring-cloud-dependencies, org.jetbrains.kotlin.plugin.spring, org.jetbrains.kotlin.jvm, org.springframework.boot)

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• eclipse-temurin 21.0.8_9-jre-alpine@sha256:990397e0495ac088ab6ee3d949a2e97b715a134d8b96c561c5d130b3786a489d → [Updates: 21.0.9_10-jre-alpine, 25.0.1_8-jre-alpine]

github-actions (4)

.github/workflows/gradle-build.yml (3)

• actions/checkout v3 → [Updates: v6, v3]
• actions/setup-java v3 → [Updates: v5, v3]
• gradle/gradle-build-action v2 → [Updates: v3, v2]

.github/workflows/leanix-github-agent-code-coverage.yml (5)

• actions/checkout v3 → [Updates: v6, v3]
• actions/setup-java v3 → [Updates: v5, v3]
• gradle/gradle-build-action v2 → [Updates: v3, v2]
• dorny/test-reporter v1 → [Updates: v3, v1]
• madrapps/jacoco-report v1.6@94dfcf8dae9680be2cfa714ca37fb37790bd7663

.github/workflows/publish-dev-docker-image.yml (7)

• actions/checkout v3 → [Updates: v6, v3]
• actions/setup-java v3 → [Updates: v5, v3]
• gradle/gradle-build-action v2 → [Updates: v3, v2]
• docker/login-action v3.6.0@5e57cd118135c172c3672efd75eb46360885c0ef → [Updates: v3.7.0, v4.1.0]
• docker/metadata-action v5.8.0@c1e51972afc2121e065aed6d45c65596fe445f3f → [Updates: v5.10.0, v6.0.0]
• docker/build-push-action v5.4.0@ca052bb54ab0790a636c9b5f226502c73d547a25 → [Updates: v7.1.0]
• actions/attest-build-provenance v1 → [Updates: v4, v1]

.github/workflows/publish-package-to-ghcr.yml (13)

• release-drafter/release-drafter v5 → [Updates: v7, v5]
• K-Phoen/semver-release-action master → [Updates: master]
• actions/github-script v6.4.1 → [Updates: v9.0.0, v6.4.1]
• actions/github-script v6 → [Updates: v9, v6]
• actions/checkout v3 → [Updates: v6, v3]
• actions/setup-java v3 → [Updates: v5, v3]
• gradle/gradle-build-action v2 → [Updates: v3, v2]
• docker/login-action v3.6.0@5e57cd118135c172c3672efd75eb46360885c0ef → [Updates: v3.7.0, v4.1.0]
• docker/metadata-action v5.8.0@c1e51972afc2121e065aed6d45c65596fe445f3f → [Updates: v5.10.0, v6.0.0]
• docker/build-push-action v5.4.0@ca052bb54ab0790a636c9b5f226502c73d547a25 → [Updates: v7.1.0]
• actions/upload-artifact v4 → [Updates: v7, v4]
• actions/upload-release-asset v1 → [Updates: v1]
• actions/attest-build-provenance v1 → [Updates: v4, v1]

gradle (2)

build.gradle.kts (16)

• org.springframework.boot 3.5.7 → [Updates: 3.5.13, 4.0.5]
• io.spring.dependency-management 1.1.7
• com.expediagroup.graphql 8.8.1 → [Updates: 8.9.0, 9.1.0]
• io.gitlab.arturbosch.detekt 1.23.8
• org.jetbrains.kotlin.jvm 2.0.21 → [Updates: 2.3.20]
• org.jetbrains.kotlin.plugin.spring 2.0.21 → [Updates: 2.3.20]
• org.springframework.cloud:spring-cloud-dependencies 2025.0.0 → [Updates: 2025.1.1]
• com.github.ben-manes.caffeine:caffeine 2.9.3 → [Updates: 3.2.3]
• org.springframework.cloud:spring-cloud-starter-openfeign 4.3.0 → [Updates: 4.3.2, 5.0.1]
• com.fasterxml.jackson.core:jackson-annotations 2.20 → [Updates: 2.21]
• com.expediagroup:graphql-kotlin-spring-client 8.8.1 → [Updates: 8.9.0, 9.1.0]
• io.netty:netty-resolver-dns-native-macos 4.2.7.Final → [Updates: 4.2.12.Final]
• io.jsonwebtoken:jjwt-impl 0.13.0
• io.jsonwebtoken:jjwt-jackson 0.13.0
• com.ninja-squad:springmockk 4.0.2 → [Updates: 5.0.1]
• io.gitlab.arturbosch.detekt:detekt-formatting 1.23.8

settings.gradle.kts

gradle-wrapper (1)

gradle/wrapper/gradle-wrapper.properties (1)

• gradle 8.14.3 → [Updates: 8.14.4, 9.4.1]

renovate-config-presets (1)

.github/renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository