Dependency Dashboard

[fro-bot]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (3)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
npm	@octokit/webhooks-types	2024-10-03
npm	@semantic-release/exec	2025-05-09
npm	@semantic-release/git	2021-10-30

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• build(deps): update dependency oh-my-openagent to v4
• build(deps): update mitmproxy/mitmproxy Docker tag to v12
• chore(deps): update pnpm to v11
• chore(dev): update dependency lint-staged to v17
• ci(deps): update actions/dependency-review-action action to v5
• fix(deps): update dependency @hono/node-server to v2
• 🔐 Create all pending approval PRs at once 🔐

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(dev): update dependency @types/node to v24.12.4
• build(deps): maintain lockfiles
• 🔐 Create all awaiting schedule PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• build(dev): update dependency tsdown to v0.22.1
• chore(dev): update dependency eslint to v10.4.1
• chore(dev): update dependency eslint-plugin-prettier to v5.5.6

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update pnpm to v10.34.1
• fix(deps): update dependency @aws-sdk/client-s3 to v3.1055.0
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

docker-compose (2)

deploy/compose.override.example.yaml

deploy/compose.yaml (1)

• mitmproxy/mitmproxy 11.1.3@sha256:e0deb0df7edf9f909053f274a067cd1cacb90f5c17d74459e1693179c0b98d8f → [Updates: 12.2.3]

dockerfile (2)

deploy/gateway.Dockerfile (3)

• docker/dockerfile 1@sha256:87999aa3d42bdc6bea60565083ee17e86d1f3339802f543c0d03998580f9cb89
• node 24.16.0-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14
• node 24.16.0-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14

deploy/workspace.Dockerfile (2)

• docker/dockerfile 1@sha256:87999aa3d42bdc6bea60565083ee17e86d1f3339802f543c0d03998580f9cb89
• node 24.16.0-alpine@sha256:2bdb65ed1dab192432bc31c95f94155ca5ad7fc1392fb7eb7526ab682fa5bf14

github-actions (10)

.github/actions/setup/action.yaml (2)

• pnpm/action-setup v6.0.8@0e279bb959325dab635dd2c09392533439d90093
• actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e

.github/workflows/auto-release.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/ci.yaml (12)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• dorny/paths-filter v4.0.1@fbd0ab8f3e69293af611ebaee6363fc25e6d187d
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v4.9.0@2031cfc080254a8a887f58cffee85186f0e49e48 → [Updates: v5.0.0]
• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/codeql-analysis.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa

.github/workflows/copilot-setup-steps.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/fro-bot.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/prepare-release-pr.yaml (2)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/renovate.yaml (1)

• bfra-me/.github v4.16.21@165ed192e9969365ec079b36e3f42a443bb75647

.github/workflows/scorecard.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• github/codeql-action v4.36.0@7211b7c8077ea37d8641b6271f6a365a22a5fbfa

.github/workflows/update-repo-settings.yaml (1)

• bfra-me/.github v4.16.21@165ed192e9969365ec079b36e3f42a443bb75647

nodenv (1)

.node-version (1)

• node 24.16.0

npm (6)

apps/action/package.json

apps/workspace-agent/package.json (3)

• @hono/node-server 1.19.14 → [Updates: 2.0.4]
• hono 4.12.23
• vitest 4.1.7

package.json (34)

• @actions/artifact 6.2.1
• @actions/cache 6.0.1
• @actions/core 3.0.1
• @actions/exec 3.0.0
• @actions/github 9.1.1
• @actions/tool-cache 4.0.0
• @aws-sdk/client-s3 3.1054.0 → [Updates: 3.1055.0]
• @bfra.me/es 0.1.0
• @octokit/auth-app 8.2.0
• @opencode-ai/sdk 1.14.41
• @bfra.me/eslint-config 0.51.1
• @bfra.me/prettier-config 0.16.9
• @bfra.me/tsconfig 0.13.1
• @octokit/webhooks-types 7.6.1
• @semantic-release/exec 7.1.0
• @semantic-release/git 10.0.1
• @types/node 24.12.2 → [Updates: 24.12.4]
• @vitest/eslint-plugin 1.6.18
• conventional-changelog-conventionalcommits 9.3.1
• eslint 10.4.0 → [Updates: 10.4.1]
• eslint-config-prettier 10.1.8
• eslint-plugin-prettier 5.5.5 → [Updates: 5.5.6]
• generate-license-file 4.2.1
• jiti 2.7.0
• js-yaml 4.1.1
• lint-staged 16.4.0 → [Updates: 17.0.5]
• prettier 3.8.3
• read-package-up 12.0.0
• semantic-release 25.0.3
• simple-git-hooks 2.13.1
• tsdown 0.22.0 → [Updates: 0.22.1]
• typescript 6.0.3
• vitest 4.1.7
• pnpm 10.33.4 → [Updates: 10.34.1, 11.4.0]

packages/gateway/package.json (4)

• @hono/node-server 1.19.14 → [Updates: 2.0.4]
• discord.js 14.26.4
• effect 3.21.2
• hono 4.12.23

packages/runtime/package.json (2)

• @bfra.me/es 0.1.0
• @opencode-ai/sdk 1.14.41

pnpm-workspace.yaml (14)

• brace-expansion >=5.0.5
• fast-uri >=3.1.2
• fast-xml-builder >=1.1.7
• fast-xml-parser >=5.7.0
• flatted 3.4.2
• handlebars >=4.7.9
• ip-address >=10.1.1
• lodash >=4.18.0
• lodash-es >=4.18.0
• picomatch >=4.0.4
• tar@^7 >=7.5.11
• undici@^7 >=7.24.0
• vite 8.0.14
• yaml >=2.8.3

regex (6)

.github/renovate.json5 (1)

• bfra-me/renovate-config 5.2.1

deploy/gateway.Dockerfile

packages/runtime/src/shared/constants.ts (1)

• oh-my-openagent 3.17.15 → [Updates: 4.5.1]

packages/runtime/src/shared/constants.ts (1)

• anomalyco/opencode 1.14.41

packages/runtime/src/shared/constants.ts (1)

• oven-sh/bun 1.3.14

packages/runtime/src/shared/constants.ts (1)

• @fro.bot/systematic 2.24.0

renovate-config (1)

.github/renovate.json5

---

• Check here to trigger a Renovate run on this repository