Dependency Dashboard

[forking-renovate[bot]]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Package lookup failures

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• [ ] fix(deps): update dependency org.apache.maven:maven-core to v3.9.9
• [ ] fix(deps): update dependency org.apache.maven:maven-plugin-api to v3.9.9
• [ ] fix(deps): update go (github.com/sigstore/rekor, golang.org/x/oauth2)
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.11.1
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-shade-plugin to v3.6.0
• [ ] chore(deps): update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.7.0
• [ ] fix(deps): update dependency yaml to v2.6.1
• [ ] chore(deps): update actions/setup-node action to v4
• [ ] chore(deps): update npm dev (major) (@types/node, @typescript-eslint/eslint-plugin, @typescript-eslint/parser, eslint, eslint-plugin-github, renovate, sigstore)
• [ ] fix(deps): update dependency @sigstore/rekor-types to v3
• [ ] fix(deps): update dependency org.json:json to v20240303
• [ ] fix(deps): update dependency sigstore to v3
• [ ] fix(deps): update module github.com/google/go-github/v57 to v67

---

[!WARNING] Renovate failed to look up the following dependencies: Failed to look up maven package io.github.slsa-framework.slsa-github-generator:hash-maven-plugin.

Files affected: e2e/maven/workflow_dispatch/pom.xml

---

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• [ ] chore(deps): update github-actions (actions/checkout, actions/setup-go, actions/setup-java, actions/setup-node, actions/upload-artifact, geekyeggo/delete-artifact, github/codeql-action, google-github-actions/auth, ianlewis/todo-issue-reopener, sigstore/cosign-installer, softprops/action-gh-release, thehanimo/pr-title-checker)
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.7
• [ ] chore(deps): update npm dev (@sigstore/cli, @types/jest, @types/node, @vercel/ncc, eslint, eslint-plugin-prettier, markdownlint-cli, prettier, renovate, ts-jest, typescript)
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-plugin-plugin to v3.15.1
• [ ] fix(deps): update module github.com/pelletier/go-toml to v2
• [ ] Click on this checkbox to rebase all open PRs at once

Detected dependencies

github-actions

.github/actions/generate-builder/action.yml

- `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32`

.github/actions/secure-builder-checkout/action.yaml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/actions/secure-download-artifact/action.yml

- `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/actions/secure-download-folder/action.yml

- `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/actions/secure-project-checkout-go/action.yml

- `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32`

.github/actions/secure-project-checkout-node/action.yml

- `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b`

.github/actions/secure-project-checkout/action.yaml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/actions/secure-upload-artifact/action.yml

- `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029`

.github/actions/secure-upload-folder/action.yml

.github/workflows/builder_bazel_slsa3.yml

.github/workflows/builder_container-based_slsa3.yml

- `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `google-github-actions/auth v2.1.3@71fee32a0bb7e97b4d33d548e7d957010649d8fa` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191` - `softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191` - `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1` - `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1` - `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1`

.github/workflows/builder_go_slsa3.yml

- `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191`

.github/workflows/builder_gradle_slsa3.yml

.github/workflows/builder_maven_slsa3.yml

.github/workflows/builder_nodejs_slsa3.yml

.github/workflows/codeql-analysis.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a` - `github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a` - `github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a`

.github/workflows/delegator_generic_slsa3.yml

- `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1` - `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1`

.github/workflows/delegator_lowperms-generic_slsa3.yml

- `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1` - `geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1`

.github/workflows/e2e.create-container_based-predicate.schedule.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/e2e.detect-workflow-js.schedule.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/e2e.sign-attestations.schedule.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-node v4@1e60f620b9541d16bece96c5465dc8ee9832be0b` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/e2e.upload-folder.schedule.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/generator_container_slsa3.yml

- `google-github-actions/auth v2.1.3@71fee32a0bb7e97b4d33d548e7d957010649d8fa` - `sigstore/cosign-installer v3.5.0@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20`

.github/workflows/generator_generic_slsa3.yml

- `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191`

.github/workflows/pre-submit.actions.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/pre-submit.apis.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/pre-submit.delegators.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/pre-submit.e2e.container-based.default.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/workflows/pre-submit.e2e.generic.default.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/workflows/pre-submit.e2e.go.config-ldflags-main-dir.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

.github/workflows/pre-submit.e2e.maven.yml

.github/workflows/pre-submit.lint.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `actions/setup-node v3.8.2@1a4442cacd436585916779262731d5b162bc6ec7` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b`

.github/workflows/pre-submit.pr-title.yml

- `thehanimo/pr-title-checker v1.4.2@1d8cd483a2b73118406a187f54dca8a9415f1375`

.github/workflows/pre-submit.units.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32` - `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/release.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332`

.github/workflows/schedule.issue-reopener.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `ianlewis/todo-issue-reopener v1.2.1@339a05bfcc934adf6aa425b968a2d2f2af4f12ad`

.github/workflows/scorecards.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `ossf/scorecard-action v2.4.0@62b2cac7ed8198b15735ed49ab1e5cf35480ba46` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a`

.github/workflows/update-actions-dist-post-commit.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029` - `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16`

actions/delegator/random/action.yml

actions/delegator/secure-attestations-download/action.yml

actions/delegator/secure-download-folder/action.yml

actions/delegator/secure-upload-folder/action.yml

actions/generator/generic/create-base64-subjects-from-file/action.yml

actions/gradle/publish/action.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9`

actions/gradle/secure-download-attestations/action.yml

actions/gradle/secure-download-target/action.yml

actions/maven/publish/action.yml

- `actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9`

actions/maven/secure-download-attestations/action.yml

actions/maven/secure-download-target/action.yml

actions/nodejs/publish/action.yml

actions/nodejs/secure-attestations-download/action.yml

actions/nodejs/secure-package-download/action.yml

internal/builders/bazel/action.yml

- `bazelbuild/setup-bazelisk v3.0.0@b39c379c82683a5f25d34f0d062761f62693e0b2` - `actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9`

internal/builders/gradle/action.yml

- `actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332` - `actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9` - `gradle/gradle-build-action v3.5.0@ac2d340dc04d9e1113182899e983b5400c17cda1`

internal/builders/maven/action.yml

- `actions/checkout 9a9194f87191a7e9055e3e9b95b8cfb13023bb08` - `actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9`

internal/builders/nodejs/action.yml

- `actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b`

gomod

go.mod

- `go 1.23.1` - `github.com/coreos/go-oidc/v3 v3.11.0` - `github.com/go-openapi/strfmt v0.23.0` - `github.com/go-openapi/swag v0.23.0` - `github.com/google/go-cmp v0.6.0` - `github.com/google/go-github/v57 v57.0.0` - `github.com/in-toto/in-toto-golang v0.9.0` - `github.com/pelletier/go-toml v1.9.5` - `github.com/secure-systems-lab/go-securesystemslib v0.8.0` - `github.com/sigstore/cosign/v2 v2.4.1` - `github.com/sigstore/rekor v1.3.6` - `github.com/sigstore/sigstore v1.8.10` - `github.com/spf13/cobra v1.8.1` - `golang.org/x/oauth2 v0.23.0` - `gopkg.in/square/go-jose.v2 v2.6.0` - `gopkg.in/yaml.v3 v3.0.1`

internal/builders/go/e2e-presubmits/go.mod

- `go 1.23.1` - `github.com/pborman/uuid v1.2.1`

internal/builders/go/pkg/testdata/go/go.mod

- `go 1.23.1`

maven

actions/maven/publish/slsa-hashing-plugin/pom.xml

- `org.apache.maven:maven-plugin-api 3.9.8` - `org.apache.maven.plugin-tools:maven-plugin-annotations 3.15.1` - `org.apache.maven:maven-core 3.9.8` - `org.json:json 20231013` - `org.apache.maven.plugins:maven-plugin-plugin 3.6.0`

e2e/maven/workflow_dispatch/pom.xml

- `org.apache.maven.plugins:maven-source-plugin 3.3.1` - `org.apache.maven.plugins:maven-javadoc-plugin 3.10.1` - `org.apache.maven.plugins:maven-shade-plugin 3.5.1` - `org.sonatype.plugins:nexus-staging-maven-plugin 1.6.13` - `org.apache.maven.plugins:maven-gpg-plugin 3.2.5` - `org.apache.maven.plugins:maven-deploy-plugin 3.1.3` - `io.github.slsa-framework.slsa-github-generator:hash-maven-plugin 0.0.1`

npm

.github/actions/compute-sha256/package.json

- `@actions/core 1.11.1` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `typescript 5.4.5`

.github/actions/create-container_based-predicate/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@types/jest 29.5.12` - `@types/make-fetch-happen 10.0.4` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `jest 29.7.0` - `prettier 3.2.5` - `ts-jest 29.1.3` - `typescript 5.4.5`

.github/actions/detect-workflow-js/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@types/jest 29.5.12` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `ts-jest 29.1.3` - `typescript 5.4.5`

.github/actions/generate-attestations/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@types/jest 29.5.12` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `ts-jest 29.1.3` - `typescript 5.4.5`

.github/actions/privacy-check/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `typescript 5.4.5`

.github/actions/sign-attestations/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@sigstore/rekor-types 2.0.0` - `sigstore 2.3.1` - `@types/make-fetch-happen 10.0.4` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `typescript 5.4.5`

.github/actions/tscommon/package.json

- `@types/jest 29.5.12` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `ts-jest 29.1.3` - `typescript 5.4.5`

.github/actions/verify-token/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@octokit/webhooks-types 7.6.1` - `@sigstore/rekor-types 2.0.0` - `sigstore 2.3.1` - `yaml 2.5.1` - `@types/jest 29.5.12` - `@types/make-fetch-happen 10.0.4` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `jest 29.7.0` - `prettier 3.2.5` - `ts-jest 29.1.3` - `typescript 5.4.5`

actions/delegator/setup-generic/package.json

- `@actions/core 1.11.1` - `@actions/github 6.0.0` - `@sigstore/rekor-types 2.0.0` - `sigstore 2.3.1` - `@types/make-fetch-happen 10.0.4` - `@types/node 20.12.12` - `@typescript-eslint/eslint-plugin 6.21.0` - `@typescript-eslint/parser 6.21.0` - `@vercel/ncc 0.38.1` - `eslint 8.57.0` - `eslint-plugin-github 4.10.2` - `eslint-plugin-prettier 5.1.3` - `prettier 3.2.5` - `typescript 5.4.5`

package.json

- `@sigstore/cli 0.8.0` - `markdown-toc 1.2.0` - `markdownlint-cli 0.40.0` - `prettier 3.2.5` - `renovate 37.371.0` - `sigstore 2.3.1`

pip_requirements

requirements.txt

- `yamllint ==1.35.1` - `pathspec ==0.12.1`

---

• [ ] Check this box to trigger a request for Renovate to run again on this repository

[ianlewis]

Keeping this pinned since renovate updates it to provide it's current status.

[ianlewis]

@rarkins Renovate seems stuck and has closed all it's PRs. It doesn't seem to be responding to the checkboxes in this issue.

[ianlewis]

@rarkins Renovate seems stuck and has closed all it's PRs. It doesn't seem to be responding to the checkboxes in this issue.

nevermind, I think I figured out what the issue is -> #404

[rarkins]

Fix PR: https://github.com/slsa-framework/slsa-github-generator/pull/3638