Dependency Dashboard

[forking-renovate[bot]]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Package lookup failures

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• [ ] chore(deps): update github-actions (actions/checkout, actions/setup-go, actions/setup-java, actions/setup-node, actions/upload-artifact, geekyeggo/delete-artifact, github/codeql-action, google-github-actions/auth, ianlewis/todo-issue-reopener, sigstore/cosign-installer)
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3.2.7
• [ ] fix(deps): update dependency org.apache.maven:maven-core to v3.9.9
• [ ] fix(deps): update dependency org.apache.maven:maven-plugin-api to v3.9.9
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-shade-plugin to v3.6.0
• [ ] chore(deps): update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.7.0
• [ ] fix(deps): update dependency yaml to v2.6.0
• [ ] chore(deps): update actions/setup-node action to v4
• [ ] chore(deps): update npm dev (major) (@types/node, @typescript-eslint/eslint-plugin, @typescript-eslint/parser, eslint, eslint-plugin-github, renovate, sigstore)
• [ ] fix(deps): update dependency @sigstore/rekor-types to v3
• [ ] fix(deps): update dependency org.json:json to v20240303
• [ ] fix(deps): update dependency sigstore to v3
• [ ] fix(deps): update module github.com/google/go-github/v57 to v66

---

[!WARNING] Renovate failed to look up the following dependencies: Failed to look up maven package io.github.slsa-framework.slsa-github-generator:hash-maven-plugin.

Files affected: e2e/maven/workflow_dispatch/pom.xml

---

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• [ ] chore(deps): update npm dev (@sigstore/cli, @types/jest, @types/node, @vercel/ncc, eslint, eslint-plugin-prettier, markdownlint-cli, prettier, renovate, ts-jest, typescript)
• [ ] chore(deps): update dependency org.apache.maven.plugins:maven-plugin-plugin to v3.15.1
• [ ] chore(deps): update dependency yamllint to v1.35.1
• [ ] fix(deps): update dependency org.apache.maven.plugin-tools:maven-plugin-annotations to v3.15.1
• [ ] fix(deps): update go (github.com/coreos/go-oidc/v3, github.com/sigstore/cosign/v2, github.com/sigstore/sigstore, github.com/spf13/cobra, golang.org/x/oauth2)
• [ ] fix(deps): update module github.com/pelletier/go-toml to v2
• [ ] Click on this checkbox to rebase all open PRs at once

Detected dependencies

github-actions

.github/actions/generate-builder/action.yml

• actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32

.github/actions/secure-builder-checkout/action.yaml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/actions/secure-download-artifact/action.yml

• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/actions/secure-download-folder/action.yml

• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/actions/secure-project-checkout-go/action.yml

• actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32

.github/actions/secure-project-checkout-node/action.yml

• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b

.github/actions/secure-project-checkout/action.yaml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/actions/secure-upload-artifact/action.yml

• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029

.github/actions/secure-upload-folder/action.yml

.github/workflows/builder_bazel_slsa3.yml

.github/workflows/builder_container-based_slsa3.yml

• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• google-github-actions/auth v2.1.3@71fee32a0bb7e97b4d33d548e7d957010649d8fa
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191
• softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191
• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1
• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1
• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1

.github/workflows/builder_go_slsa3.yml

• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191

.github/workflows/builder_gradle_slsa3.yml

.github/workflows/builder_maven_slsa3.yml

.github/workflows/builder_nodejs_slsa3.yml

.github/workflows/codeql-analysis.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a

.github/workflows/delegator_generic_slsa3.yml

• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1
• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1

.github/workflows/delegator_lowperms-generic_slsa3.yml

• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1
• geekyeggo/delete-artifact v5.0.0@24928e75e6e6590170563b8ddae9fac674508aa1

.github/workflows/e2e.create-container_based-predicate.schedule.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/e2e.detect-workflow-js.schedule.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/e2e.sign-attestations.schedule.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-node v4@1e60f620b9541d16bece96c5465dc8ee9832be0b
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/e2e.upload-folder.schedule.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/generator_container_slsa3.yml

• google-github-actions/auth v2.1.3@71fee32a0bb7e97b4d33d548e7d957010649d8fa
• sigstore/cosign-installer v3.5.0@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20

.github/workflows/generator_generic_slsa3.yml

• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• softprops/action-gh-release v2.0.8@c062e08bd532815e2082a85e87e3ef29c3e6d191

.github/workflows/pre-submit.actions.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/pre-submit.apis.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/pre-submit.delegators.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/pre-submit.e2e.container-based.default.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/workflows/pre-submit.e2e.generic.default.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/workflows/pre-submit.e2e.go.config-ldflags-main-dir.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

.github/workflows/pre-submit.e2e.maven.yml

.github/workflows/pre-submit.lint.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
• actions/setup-node v3.8.2@1a4442cacd436585916779262731d5b162bc6ec7
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b

.github/workflows/pre-submit.pr-title.yml

• thehanimo/pr-title-checker v1.4.2@1d8cd483a2b73118406a187f54dca8a9415f1375

.github/workflows/pre-submit.units.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-go v5.0.2@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/release.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332

.github/workflows/schedule.issue-reopener.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• ianlewis/todo-issue-reopener v1.2.1@339a05bfcc934adf6aa425b968a2d2f2af4f12ad

.github/workflows/scorecards.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• ossf/scorecard-action v2.4.0@62b2cac7ed8198b15735ed49ab1e5cf35480ba46
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• github/codeql-action v3.25.15@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a

.github/workflows/update-actions-dist-post-commit.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/upload-artifact v4.3.5@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/download-artifact v4.1.8@fa0a91b85d4f404e444e00e005971372dc801d16

actions/delegator/random/action.yml

actions/delegator/secure-attestations-download/action.yml

actions/delegator/secure-download-folder/action.yml

actions/delegator/secure-upload-folder/action.yml

actions/generator/generic/create-base64-subjects-from-file/action.yml

actions/gradle/publish/action.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9

actions/gradle/secure-download-attestations/action.yml

actions/gradle/secure-download-target/action.yml

actions/maven/publish/action.yml

• actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9

actions/maven/secure-download-attestations/action.yml

actions/maven/secure-download-target/action.yml

actions/nodejs/publish/action.yml

actions/nodejs/secure-attestations-download/action.yml

actions/nodejs/secure-package-download/action.yml

internal/builders/bazel/action.yml

• bazelbuild/setup-bazelisk v3.0.0@b39c379c82683a5f25d34f0d062761f62693e0b2
• actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9

internal/builders/gradle/action.yml

• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332
• actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
• gradle/gradle-build-action v3.5.0@ac2d340dc04d9e1113182899e983b5400c17cda1

internal/builders/maven/action.yml

• actions/checkout 9a9194f87191a7e9055e3e9b95b8cfb13023bb08
• actions/setup-java v4.2.1@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9

internal/builders/nodejs/action.yml

• actions/setup-node v4.0.3@1e60f620b9541d16bece96c5465dc8ee9832be0b

gomod

go.mod

• go 1.23.1
• github.com/coreos/go-oidc/v3 v3.10.0
• github.com/go-openapi/strfmt v0.23.0
• github.com/go-openapi/swag v0.23.0
• github.com/google/go-cmp v0.6.0
• github.com/google/go-github/v57 v57.0.0
• github.com/in-toto/in-toto-golang v0.9.0
• github.com/pelletier/go-toml v1.9.5
• github.com/secure-systems-lab/go-securesystemslib v0.8.0
• github.com/sigstore/cosign/v2 v2.2.4
• github.com/sigstore/rekor v1.3.6
• github.com/sigstore/sigstore v1.8.3
• github.com/spf13/cobra v1.8.0
• golang.org/x/oauth2 v0.20.0
• gopkg.in/square/go-jose.v2 v2.6.0
• gopkg.in/yaml.v3 v3.0.1

internal/builders/go/e2e-presubmits/go.mod

• go 1.23.1
• github.com/pborman/uuid v1.2.1

internal/builders/go/pkg/testdata/go/go.mod

• go 1.23.1

maven

actions/maven/publish/slsa-hashing-plugin/pom.xml

• org.apache.maven:maven-plugin-api 3.9.8
• org.apache.maven.plugin-tools:maven-plugin-annotations 3.10.2
• org.apache.maven:maven-core 3.9.8
• org.json:json 20231013
• org.apache.maven.plugins:maven-plugin-plugin 3.6.0

e2e/maven/workflow_dispatch/pom.xml

• org.apache.maven.plugins:maven-source-plugin 3.3.1
• org.apache.maven.plugins:maven-javadoc-plugin 3.10.1
• org.apache.maven.plugins:maven-shade-plugin 3.5.1
• org.sonatype.plugins:nexus-staging-maven-plugin 1.6.13
• org.apache.maven.plugins:maven-gpg-plugin 3.2.5
• org.apache.maven.plugins:maven-deploy-plugin 3.1.3
• io.github.slsa-framework.slsa-github-generator:hash-maven-plugin 0.0.1

npm

.github/actions/compute-sha256/package.json

• @actions/core 1.11.1
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• typescript 5.4.5

.github/actions/create-container_based-predicate/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @types/jest 29.5.12
• @types/make-fetch-happen 10.0.4
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• jest 29.7.0
• prettier 3.2.5
• ts-jest 29.1.3
• typescript 5.4.5

.github/actions/detect-workflow-js/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @types/jest 29.5.12
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• ts-jest 29.1.3
• typescript 5.4.5

.github/actions/generate-attestations/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @types/jest 29.5.12
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• ts-jest 29.1.3
• typescript 5.4.5

.github/actions/privacy-check/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• typescript 5.4.5

.github/actions/sign-attestations/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @sigstore/rekor-types 2.0.0
• sigstore 2.3.1
• @types/make-fetch-happen 10.0.4
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• typescript 5.4.5

.github/actions/tscommon/package.json

• @types/jest 29.5.12
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• ts-jest 29.1.3
• typescript 5.4.5

.github/actions/verify-token/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @octokit/webhooks-types 7.6.1
• @sigstore/rekor-types 2.0.0
• sigstore 2.3.1
• yaml 2.5.1
• @types/jest 29.5.12
• @types/make-fetch-happen 10.0.4
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• jest 29.7.0
• prettier 3.2.5
• ts-jest 29.1.3
• typescript 5.4.5

actions/delegator/setup-generic/package.json

• @actions/core 1.11.1
• @actions/github 6.0.0
• @sigstore/rekor-types 2.0.0
• sigstore 2.3.1
• @types/make-fetch-happen 10.0.4
• @types/node 20.12.12
• @typescript-eslint/eslint-plugin 6.21.0
• @typescript-eslint/parser 6.21.0
• @vercel/ncc 0.38.1
• eslint 8.57.0
• eslint-plugin-github 4.10.2
• eslint-plugin-prettier 5.1.3
• prettier 3.2.5
• typescript 5.4.5

package.json

• @sigstore/cli 0.8.0
• markdown-toc 1.2.0
• markdownlint-cli 0.40.0
• prettier 3.2.5
• renovate 37.371.0
• sigstore 2.3.1

pip_requirements

requirements.txt

• yamllint ==1.33.0
• pathspec ==0.12.1

---

• [ ] Check this box to trigger a request for Renovate to run again on this repository

[ianlewis]

Keeping this pinned since renovate updates it to provide it's current status.

[ianlewis]

@rarkins Renovate seems stuck and has closed all it's PRs. It doesn't seem to be responding to the checkboxes in this issue.

[ianlewis]

@rarkins Renovate seems stuck and has closed all it's PRs. It doesn't seem to be responding to the checkboxes in this issue.

nevermind, I think I figured out what the issue is -> #404

[rarkins]

Fix PR: https://github.com/slsa-framework/slsa-github-generator/pull/3638