Dependency Dashboard

[fro-bot]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• fix(deps): update dependency @atproto/api to ^0.20.0
• chore(deps): update actions/download-artifact action to v8
• 🔐 Create all pending approval PRs at once 🔐

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): maintain lockfiles

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update fro-bot/agent to v0.48.1
• chore(deps): update pnpm to v11.4.0
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

github-actions (22)

.github/actions/setup/action.yaml (2)

• jdx/mise-action v4.0.1@1648a7812b9aeae629881980618f079932869151
• actions/cache v5.0.5@27d5ce7f107fe9357f9df03efb73ab90386fccae

.github/workflows/apply-branding.yaml

.github/workflows/codeql-analysis.yaml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa

.github/workflows/copilot-setup-steps.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/dependency-review.yaml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v5.0.0@a1d282b36b6f3519aa1f3fc636f609c47dddb294

.github/workflows/dispatch-renovate.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/fro-bot-autoheal.yaml

.github/workflows/fro-bot.yaml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• fro-bot/agent v0.46.1@9a2d4b08196d3d5ad70692b655311e18ed6b2726 → [Updates: v0.48.1]

.github/workflows/main.yaml (7)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rhysd/actionlint v1.7.12@914e7df21a07ef503a81201c76d2b11c789d3fca
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/manage-cache.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/manage-issues.yaml (5)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899
• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• dessant/lock-threads v6.0.0@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7 → [Updates: v6.0.2]

.github/workflows/merge-data.yaml (3)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/poll-invitations.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/reconcile-repos.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/renovate.yaml (1)

• bfra-me/.github v4.16.0@65caa6a021ae4a6597bd915f276e1ab9d75dc071 → [Updates: v4.16.22]

.github/workflows/reset-survey-status.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/scorecard.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa

.github/workflows/social-broadcast.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/survey-repo.yaml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• fro-bot/agent v0.46.1@9a2d4b08196d3d5ad70692b655311e18ed6b2726 → [Updates: v0.48.1]

.github/workflows/update-metadata.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/update-repo-settings.yaml (1)

• bfra-me/.github v4.16.0@65caa6a021ae4a6597bd915f276e1ab9d75dc071 → [Updates: v4.16.22]

.github/workflows/wiki-lint.yaml (5)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.1]
• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1

mise (1)

mise.toml (3)

• node 24.16.0
• pnpm 11.3.0 → [Updates: 11.4.0]
• python 3.14.0 → [Updates: 3.14.5]

npm (1)

package.json (19)

• @atproto/api ^0.19.9 → [Updates: ^0.20.0]
• @octokit/rest ^22.0.1
• yaml ^2.6.0
• @bfra.me/eslint-config 0.51.0 → [Updates: 0.51.1]
• @bfra.me/prettier-config 0.16.0 → [Updates: 0.16.9]
• @bfra.me/tsconfig 0.13.0 → [Updates: 0.13.1]
• @types/node 24.12.0 → [Updates: 24.12.4]
• @vitest/coverage-v8 4.1.4 → [Updates: 4.1.7]
• @vitest/eslint-plugin 1.6.15 → [Updates: 1.6.18]
• eslint 10.4.0 → [Updates: 10.4.1]
• eslint-config-prettier 10.1.1 → [Updates: 10.1.8]
• eslint-plugin-erasable-syntax-only 0.4.0 → [Updates: 0.4.1]
• eslint-plugin-node-dependencies 2.2.0
• eslint-plugin-prettier 5.5.0 → [Updates: 5.5.6]
• jiti 2.7.0
• prettier 3.8.1 → [Updates: 3.8.3]
• typescript 6.0.3
• vitest 4.1.4 → [Updates: 4.1.7]
• pnpm 11.3.0 → [Updates: 11.4.0]

regex (1)

.github/actions/setup/action.yaml (1)

• jdx/mise 2026.5.1 → [Updates: 2026.5.16]

renovate-config-presets (1)

.github/renovate.json5

---

• Check here to trigger a Renovate run on this repository