Dependency Dashboard

[balena-renovate[bot]]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

[!WARNING] These dependencies are deprecated:

Datasource	Name	Replacement PR?
npm	@types/terser-webpack-plugin
npm	grunt-check-dependencies
npm	request
npm	require-npm4-to-publish

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• [ ] Update Node.js to v24
• [ ] Lock file maintenance
• [ ] 🔐 Create all rate-limited PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• [ ] Update dependency @types/node to v24
• [ ] Update dependency bcrypt to v6
• [ ] Update postgres Docker tag to v18
• [ ] Click on this checkbox to rebase all open PRs at once

Ignored or Blocked

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• [ ] Update dependency @types/express to v5
• [ ] Update dependency @types/node to v22
• [ ] Update dependency body-parser to v2
• [ ] Update dependency express to v5
• [ ] Update dependency serve-static to v2
• [ ] Update Node.js to v22

Detected dependencies

docker-compose

docker-compose.npm-test.yml

• postgres 17-alpine
• minio/minio RELEASE.2025-09-07T16-13-09Z
• minio/mc RELEASE.2025-08-13T08-35-41Z

dockerfile

Dockerfile

• node 20-alpine

github-actions

.github/workflows/flowzone.yml

• product-os/flowzone master

npm

package.json

• @balena/abstract-sql-compiler ^11.2.3
• @balena/abstract-sql-to-typescript ^6.1.2
• @balena/env-parsing ^1.2.6
• @balena/lf-to-abstract-sql ^5.0.12
• @balena/odata-parser ^4.2.8
• @balena/odata-to-abstract-sql ^10.0.4
• @balena/sbvr-parser ^1.4.13
• @balena/sbvr-types ^11.1.4
• @sindresorhus/fnv1a ^3.1.0
• @types/body-parser ^1.19.6
• @types/compression ^1.8.1
• @types/cookie-parser ^1.4.9
• @types/deep-freeze ^0.1.5
• @types/express ^4.17.23
• @types/express-session ^1.18.2
• @types/lodash ^4.17.20
• @types/memoizee ^0.4.12
• @types/method-override ^3.0.0
• @types/mysql ^2.15.27
• @types/node ^20.19.21
• @types/passport ^1.0.17
• @types/passport-local ^1.0.38
• @types/passport-strategy ^0.2.38
• @types/pg ^8.15.5
• @types/randomstring ^1.3.0
• @types/websql ^0.0.30
• ajv ^8.17.1
• busboy ^1.6.0
• commander ^14.0.1
• cron-parser ^5.4.0
• deep-freeze ^0.0.1
• eventemitter3 ^5.0.1
• express-session ^1.18.2
• json-schema-to-ts ^3.1.1
• lodash ^4.17.21
• memoizee ^0.4.17
• pinejs-client-core ^8.4.0
• randomstring ^1.3.1
• typed-error ^3.2.2
• @balena/lint ^9.3.8
• @balena/pinejs-webresource-s3 ^2.1.10
• @faker-js/faker ^10.0.0
• @swc-node/register ^1.11.1
• @swc/core ^1.13.5
• @types/busboy ^1.5.4
• @types/chai ^5.2.2
• @types/grunt ^0.4.32
• @types/mocha ^10.0.10
• @types/on-finished ^2.3.5
• @types/request ^2.48.13
• @types/supertest ^6.0.3
• @types/terser-webpack-plugin ^5.2.0
• @types/webpack ^5.28.5
• chai ^6.2.0
• grunt ^1.6.1
• grunt-check-dependencies ^1.0.0
• grunt-cli ^1.5.0
• grunt-contrib-clean ^2.0.1
• grunt-contrib-concat ^2.1.0
• grunt-contrib-copy ^1.0.0
• grunt-contrib-rename ^0.2.0
• grunt-gitinfo ^0.1.9
• grunt-text-replace ^0.4.0
• grunt-ts ^6.0.0-beta.22
• grunt-webpack ^7.0.0
• husky ^9.1.7
• lint-staged ^16.2.4
• load-grunt-tasks ^5.1.0
• mocha ^11.7.4
• on-finished ^2.4.1
• pinejs-client-supertest ^3.1.1
• raw-loader ^4.0.2
• request ^2.88.2
• require-npm4-to-publish ^1.0.0
• supertest ^7.1.4
• terser-webpack-plugin ^5.3.14
• ts-loader ^9.5.4
• typescript ^5.9.3
• webpack ^5.102.1
• webpack-dev-server ^5.2.2
• @aws-sdk/client-s3 ^3.908.0
• @aws-sdk/lib-storage ^3.908.0
• @aws-sdk/s3-request-presigner ^3.908.0
• bcrypt ^5.1.1
• body-parser ^1.20.3
• compression ^1.8.1
• cookie-parser ^1.4.7
• express ^4.21.2
• method-override ^3.0.0
• mysql ^2.18.1
• passport ^0.7.0
• passport-local ^1.0.0
• pg ^8.16.3
• pg-connection-string ^2.9.1
• serve-static ^1.16.2
• node ^20.14.0 || ^22.0.0 || ^24.5.0
• npm >=10.7.0