This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/anolilab/workflows). ## Pending Status Checks The following updates await pending status checks. To force their creation now, click on a checkbox below. - [ ] <!-- approvePr-branch=renovate/patch-commitlint-monorepo -->fix(deps): update dependency @commitlint/cli to ^21.2.1 - [ ] <!-- approvePr-branch=renovate/patch-prettier -->fix(deps): update dependency prettier to ^3.9.5 - [ ] <!-- approvePr-branch=renovate/minor-updates -->fix(deps): update pnpm to v11.11.0 ## Open The following updates have all been created. To force a retry/rebase of any, click on a checkbox below. - [ ] <!-- rebase-branch=renovate/github-actions -->[fix(deps): update github-actions](../pull/440) (`anolilab/workflows`, `step-security/harden-runner`, `taiki-e/install-action`) - [ ] <!-- rebase-branch=renovate/major-10-semantic-release -->[chore(deps): update dependency conventional-changelog-conventionalcommits to v10](../pull/429) - [ ] <!-- rebase-branch=renovate/fast-uri-=3.1.0-4.x -->[chore(deps): update dependency fast-uri@<=3.1.0 to v4](../pull/417) - [ ] <!-- rebase-branch=renovate/js-yaml-=4.1.1-5.x -->[chore(deps): update dependency js-yaml@<=4.1.1 to v5](../pull/421) - [ ] <!-- rebase-branch=renovate/undici-=7.0.0-7.28.0-8.x -->[chore(deps): update dependency undici@>=7.0.0 <7.28.0 to v8](../pull/418) - [ ] <!-- rebase-branch=renovate/lock-file-maintenance -->[chore(deps): lock file maintenance](../pull/414) - [ ] <!-- rebase-all-open-prs -->**Click on this checkbox to rebase all open PRs at once** ## PR Closed (Blocked) The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below. - [ ] <!-- recreate-branch=renovate/undici-6.23.0-8.x -->[chore(deps): update dependency undici@<6.23.0 to v8](../pull/363) ## Detected Dependencies <details><summary>devcontainer (1)</summary> <blockquote> <details><summary>.devcontainer/devcontainer.json (1)</summary> - `mcr.microsoft.com/devcontainers/typescript-node 24` </details> </blockquote> </details> <details><summary>github-actions (20)</summary> <blockquote> <details><summary>.github/workflows/allo-allo.yml (6)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/first-interaction v3.1.0@1c4688942c71f71d4f5502a26ea67c331730fa4d` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `actions/github-script v9.0.0@3a2844b7e9c422d3c10d287c895573f7108da1b3` - `actions/github-script v9.0.0@3a2844b7e9c422d3c10d287c895573f7108da1b3` </details> <details><summary>.github/workflows/cleanup-branch-cache.yaml (2)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` </details> <details><summary>.github/workflows/cleanup-branch-cache.yml (2)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` </details> <details><summary>.github/workflows/codeql.yml (5)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `github/codeql-action v4.36.3@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a` → [Updates: `v4.37.0`] - `github/codeql-action v4.36.3@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a` → [Updates: `v4.37.0`] - `github/codeql-action v4.36.3@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a` → [Updates: `v4.37.0`] </details> <details><summary>.github/workflows/dependency-review.yml (3)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `actions/dependency-review-action v5.0.0@a1d282b36b6f3519aa1f3fc636f609c47dddb294` </details> <details><summary>.github/workflows/lint.yml (29)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `dorny/paths-filter v4.0.2@7b450fff21473bca461d4b92ce414b9d0420d706` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `nrwl/nx-set-shas v5.0.1@afb73a62d26e41464e9254689e1fd6122ee683c1` - `anolilab/workflows main@561a54257113a4bd1346bf10a022063faca27680` → [Updates: `main`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `nrwl/nx-set-shas v5.0.1@afb73a62d26e41464e9254689e1fd6122ee683c1` - `anolilab/workflows main@561a54257113a4bd1346bf10a022063faca27680` → [Updates: `main`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `ibiqlik/action-yamllint v3.1.1@2576378a8e339169678f9939646ee3ee325e845c` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `raven-actions/actionlint v2.2.0@3d39aea434753780c3b3d4a1a31c854b4dbf49d7` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `oxc-project/setup-rust v1.0.17@3d6fb132fbe7cdcb66bf8ec193911c2945369d12` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `pnpm/action-setup v6.0.9@0ebf47130e4866e96fce0953f49152a61190b271` - `actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `ubuntu 24.04` - `ubuntu 24.04` </details> <details><summary>.github/workflows/lock-closed.yml (2)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `dessant/lock-threads v6.0.2@89ae32b08ed1a541efecbab17912962a5e38981c` </details> <details><summary>.github/workflows/pnpm-lock-file-maintenance.yml (4)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `anolilab/workflows main@561a54257113a4bd1346bf10a022063faca27680` → [Updates: `main`] - `stefanzweifel/git-auto-commit-action v7.2.0@4a55954c782fc1ea30b9056cd3e7a2b40ca8887d` </details> <details><summary>.github/workflows/scorecards.yml (5)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a` - `actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a` - `github/codeql-action v4.36.3@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a` → [Updates: `v4.37.0`] </details> <details><summary>.github/workflows/semantic-pull-request.yml (4)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `amannn/action-semantic-pull-request v6.1.1@48f256284bd46cdaab1048c3721360e808335d50` - `marocchino/sticky-pull-request-comment v3.0.5@5770ad5eb8f42dd2c4f34da00c94c5381e49af88` - `marocchino/sticky-pull-request-comment v3.0.5@5770ad5eb8f42dd2c4f34da00c94c5381e49af88` </details> <details><summary>.github/workflows/semantic-release.yml (3)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `lewagon/wait-on-check-action v1.8.1@1d57e2c51a58d812d2765e036a028b6bdb5a6154` - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` </details> <details><summary>.github/workflows/set-default-labels.yml (3)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `crazy-max/ghaction-github-labeler v6.0.0@548a7c3603594ec17c819e1239f281a3b801ab4d` </details> <details><summary>.github/workflows/slop-detection.yml (5)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/cache v6@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `MatteoGabriele/agentscan-action main@4eebb5210583641a015146ea52b6b92e1df14ed7` - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `peakoss/anti-slop v0.3.0@57858eead489d08b255fab2af45a506c2ca6eab2` </details> <details><summary>.github/workflows/stale-issues.yml (8)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899` → [Updates: `v10.4.0`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899` → [Updates: `v10.4.0`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899` → [Updates: `v10.4.0`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899` → [Updates: `v10.4.0`] </details> <details><summary>.github/workflows/test.yml (9)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `pnpm/action-setup v6.0.9@0ebf47130e4866e96fce0953f49152a61190b271` - `actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `anolilab/workflows main@561a54257113a4bd1346bf10a022063faca27680` → [Updates: `main`] - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `ubuntu 24.04` </details> <details><summary>.github/workflows/zizmor.yml (4)</summary> - `step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411` → [Updates: `v2.20.0`] - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `taiki-e/install-action v2.82.9@4684b8405694ae9dd42c9f39ba901a70ae83f4a3` → [Updates: `v2.82.10`] - `github/codeql-action v4.36.3@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a` → [Updates: `v4.37.0`] </details> <details><summary>step/checkout-with-retry/action.yml (2)</summary> - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` - `actions/checkout v7.0.0@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0` </details> <details><summary>step/node/action.yml (7)</summary> - `actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e` - `pnpm/action-setup v6.0.9@0ebf47130e4866e96fce0953f49152a61190b271` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` </details> <details><summary>step/rust/action.yml (2)</summary> - `Swatinem/rust-cache v2.9.1@c19371144df3bb44fab255c43d04cbc2ab54d1c4` - `taiki-e/install-action v2.82.9@4684b8405694ae9dd42c9f39ba901a70ae83f4a3` → [Updates: `v2.82.10`] </details> <details><summary>step/setup/action.yml (7)</summary> - `actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e` - `pnpm/action-setup v6.0.9@0ebf47130e4866e96fce0953f49152a61190b271` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` - `actions/cache v6.1.0@55cc8345863c7cc4c66a329aec7e433d2d1c52a9` </details> </blockquote> </details> <details><summary>npm (2)</summary> <blockquote> <details><summary>package.json (18)</summary> - `@anolilab/commitlint-config ^10.0.1` - `@anolilab/lint-staged-config ^11.0.11` - `@anolilab/prettier-config ^10.0.1` - `@anolilab/semantic-release-preset ^13.4.17` - `@commitlint/cli ^21.2.0` → [Updates: `^21.2.1`] - `@commitlint/config-conventional ^21.2.0` - `@secretlint/secretlint-rule-preset-recommend ^13.0.2` - `commitizen ^4.3.2` - `conventional-changelog-conventionalcommits 9.3.1` → [Updates: `10.2.1`] - `cross-env ^10.1.0` - `husky ^9.1.7` - `is-ci ^4.1.0` - `lint-staged ^17.0.8` - `prettier ^3.9.4` → [Updates: `^3.9.5`] - `secretlint 13.0.2` - `semantic-release ^25.0.5` - `sort-package-json ^4.0.0` - `pnpm 11.10.0` → [Updates: `11.11.0`] </details> <details><summary>pnpm-workspace.yaml (12)</summary> - `fast-uri@<=3.1.0 ^3.1.3` → [Updates: `^4.1.0`] - `fast-uri@<=3.1.1 ^4.1.0` - `js-yaml@<=4.1.1 >=4.3.0` → [Updates: `>=5.2.1`] - `lodash@<=4.17.23 ^4.17.24` - `lodash@>=4.0.0 <=4.17.22 ^4.18.1` - `lodash@>=4.0.0 <=4.17.23 ^4.17.24` - `shell-quote@>=1.1.0 <=1.8.3 ^1.9.0` - `tmp@<0.2.6 ^0.2.7` - `undici@<6.23.0 ^7.28.0` → [Updates: `^8.7.0`] - `undici@<6.24.0 ^8.7.0` - `undici@>=7.0.0 <7.28.0 ^7.28.0` → [Updates: `^8.7.0`] - `undici@>=8.0.0 <8.5.0 ^8.7.0` </details> </blockquote> </details> <details><summary>nvm (1)</summary> <blockquote> <details><summary>.nvmrc (1)</summary> - `node 24` </details> </blockquote> </details> <details><summary>renovate-config (1)</summary> <blockquote> <details><summary>.github/renovate.json5</summary> </details> </blockquote> </details> --- - [ ] <!-- manual job -->Check this box to trigger a request for Renovate to run again on this repository
This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.
Pending Status Checks
The following updates await pending status checks. To force their creation now, click on a checkbox below.
Open
The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.
anolilab/workflows,step-security/harden-runner,taiki-e/install-action)PR Closed (Blocked)
The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.
Detected Dependencies
devcontainer (1)
github-actions (20)
npm (2)
nvm (1)
renovate-config (1)