Dependency Dashboard

[renovate[bot]]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Ignored or Blocked

These are blocked by an existing closed PR and will not be recreated unless you click a checkbox below.

• [ ] Update registry.access.redhat.com/ubi8/ubi-minimal Docker tag to v8.7-1049
• [ ] Update dependency io.pebbletemplates:pebble to v3.2.0

Detected dependencies

docker-compose

docker-compose.yml

- `postgres 15-alpine` - `docker.redpanda.com/vectorized/redpanda v22.3.11` - `docker.redpanda.com/vectorized/redpanda v22.3.11` - `docker.redpanda.com/vectorized/console v2.1.1` - `prom/prometheus v2.41.0` - `grafana/grafana-oss 9.3.4`

dockerfile

mirror-service/src/main/docker/Dockerfile.jvm

mirror-service/src/main/docker/Dockerfile.legacy-jar

mirror-service/src/main/docker/Dockerfile.native

- `registry.access.redhat.com/ubi8/ubi-minimal 8.7-1031`

mirror-service/src/main/docker/Dockerfile.native-micro

- `quay.io/quarkus/quarkus-micro-image 2.0`

notification-publisher/src/main/docker/Dockerfile.jvm

notification-publisher/src/main/docker/Dockerfile.legacy-jar

notification-publisher/src/main/docker/Dockerfile.native

- `registry.access.redhat.com/ubi8/ubi-minimal 8.7-1049`

notification-publisher/src/main/docker/Dockerfile.native-micro

- `quay.io/quarkus/quarkus-micro-image 2.0`

notification-publisher/src/main/docker/Dockerfile.native-multiarch

- `quay.io/quarkus/quarkus-micro-image 2.0`

repository-meta-analyzer/src/main/docker/Dockerfile.jvm

repository-meta-analyzer/src/main/docker/Dockerfile.legacy-jar

repository-meta-analyzer/src/main/docker/Dockerfile.native

- `registry.access.redhat.com/ubi8/ubi-minimal 8.7-1049`

repository-meta-analyzer/src/main/docker/Dockerfile.native-micro

- `quay.io/quarkus/quarkus-micro-image 2.0`

repository-meta-analyzer/src/main/docker/Dockerfile.native-multiarch

- `quay.io/quarkus/quarkus-micro-image 2.0`

vulnerability-analyzer/src/main/docker/Dockerfile.jvm

vulnerability-analyzer/src/main/docker/Dockerfile.legacy-jar

vulnerability-analyzer/src/main/docker/Dockerfile.native

- `registry.access.redhat.com/ubi8/ubi-minimal 8.7-1049`

vulnerability-analyzer/src/main/docker/Dockerfile.native-micro

- `quay.io/quarkus/quarkus-micro-image 2.0`

vulnerability-analyzer/src/main/docker/Dockerfile.native-multiarch

- `quay.io/quarkus/quarkus-micro-image 2.0`

github-actions

.github/workflows/_build-native-meta.yml

- `actions/checkout v3` - `actions/setup-java v3` - `docker/setup-qemu-action v2.1.0` - `docker/setup-buildx-action v2.2.1` - `actions/upload-artifact v3.1.2` - `actions/checkout v3` - `actions/download-artifact v3.0.2` - `actions/download-artifact v3.0.2` - `docker/setup-qemu-action v2.1.0` - `docker/setup-buildx-action v2.2.1` - `docker/login-action v2` - `docker/build-push-action v3`

.github/workflows/ci.yml

- `actions/checkout v3` - `actions/setup-java v3`

.github/workflows/codeql.yml

- `actions/checkout v3` - `actions/setup-java v3.9.0` - `github/codeql-action v2` - `github/codeql-action v2` - `github/codeql-action v2`

.github/workflows/publishJar.yml

- `actions/checkout v3` - `actions/setup-java v3` - `docker/setup-qemu-action v2.1.0` - `docker/setup-buildx-action v2.2.1` - `docker/login-action v2` - `docker/build-push-action v3` - `docker/build-push-action v3` - `docker/build-push-action v3` - `docker/build-push-action v3`

.github/workflows/semgrep.yml

- `actions/checkout v3` - `returntocorp/semgrep-action 137b6fa8d60023238378b28e19b9600e4edce87e` - `github/codeql-action v2`

maven

commons/pom.xml

mirror-service/pom.xml

notification-publisher/pom.xml

pom.xml

- `io.quarkus:quarkus-bom 2.16.0.Final` - `us.springett:cpe-parser 2.0.2` - `org.cyclonedx:cyclonedx-core-java 7.3.1` - `io.github.resilience4j:resilience4j-all 2.0.2` - `io.github.resilience4j:resilience4j-micrometer 2.0.2` - `org.json:json 20220924` - `io.pebbletemplates:pebble 3.1.6` - `io.quarkiverse.helm:quarkus-helm 0.2.3` - `xerces:xercesImpl 2.12.2` - `org.apache.maven:maven-artifact 4.0.0-alpha-3` - `us.springett:cvss-calculator 1.4.1` - `com.github.tomakehurst:wiremock-jre8-standalone 2.35.0` - `org.mock-server:mockserver-netty 5.15.0` - `org.assertj:assertj-core 3.24.2` - `net.javacrumbs.json-unit:json-unit-assertj 2.36.0` - `org.apache.maven.plugins:maven-compiler-plugin 3.10.1` - `io.smallrye:jandex-maven-plugin 3.0.5` - `io.quarkus.platform:quarkus-maven-plugin 2.16.0.Final` - `io.quarkus:quarkus-container-image-docker 2.16.0.Final` - `org.apache.maven.plugins:maven-surefire-plugin 3.0.0-M8` - `org.apache.maven.plugins:maven-failsafe-plugin 3.0.0-M8` - `org.jacoco:jacoco-maven-plugin 0.8.8`

repository-meta-analyzer/pom.xml

vulnerability-analyzer/pom.xml

maven-wrapper

.mvn/wrapper/maven-wrapper.properties

- `maven 3.8.7` - `maven-wrapper 3.1.1`

npm

load-tests/package.json

- `@types/k6 ^0.42.0`

---

• [ ] Check this box to trigger a request for Renovate to run again on this repository

[nscuro]

We're not using Renovate anymore. Closing.