Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository Problems

These problems occurred while renovating this repository. View logs.

• ⚠️ WARN: Package lookup failures

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update dependency jest-preset-angular to v16.1.2
• chore(deps): update dependency org.cyclonedx.bom to v3.2.3
• chore(deps): update dependency org.jetbrains.kotlin.jvm to v2.3.20
• chore(deps): update dependency org.sonarqube to v7.2.3.7755
• chore(deps): update maibornwolff/purl-patrol action to v1.6.6
• chore(deps): update node.js to v24.14.1
• fix(deps): update kotlin monorepo to v2.3.20 (org.jetbrains.kotlin:kotlin-reflect, org.jetbrains.kotlin:kotlin-test)
• chore(deps): update dependency org.jlleitschuh.gradle.ktlint to v14.2.0
• fix(deps): update dependency electron to v40.8.5
• chore(deps): update dependency typescript to v6
• chore(deps): update docker/build-push-action action to v7
• fix(deps): update dependency electron to v41
• chore(deps): lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update dependency marked to v18

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package MaibornWolff/secobserve_actions_templates).

Files affected: .github/workflows/check-licenses.yml

---

Other Branches

The following updates are pending. To force the creation of a PR, click on a checkbox below.

• chore(deps): update dependency @angular/compiler to v21.2.4 [security]
• chore(deps): update dependency @angular/core to v21.2.4 [security]

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency activesupport to v8.1.2.1 [security]
• chore(deps): update dependency fast-xml-parser to v5.5.7 [security]
• chore(deps): update dependency @biomejs/biome to v2.4.10
• chore(deps): update actions/setup-node action to v6.3.0
• chore(deps): update other updates (gradle, nginx, ruby)
• fix(deps): update dependency com.github.maibornwolff:treesitterexcavationsite to v0.5.0
• chore(deps): update docker/login-action action to v4
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

bundler (1)

gh-pages/Gemfile (16)

• github-pages lock file @ 232
• tzinfo-data lock file @ 1.2025.2
• wdm "~> 0.2.0"
• kramdown ">= 2.3.1"
• activesupport ">= 6.0.0.0" → [Updates: ">= 6.0.0.0"]
• tzinfo ">= 1.1"
• nokogiri ">= 1.16.5"
• faraday-retry lock file @ 2.3.2
• jekyll-paginate lock file @ 1.1.0
• jekyll-sitemap lock file @ 1.4.0
• jekyll-gist lock file @ 1.5.0
• jekyll-feed lock file @ 0.17.0
• jemoji lock file @ 0.13.0
• jekyll-include-cache lock file @ 0.2.1
• jekyll-algolia lock file @ 1.7.1
• jekyll-redirect-from lock file @ 0.16.0

docker-compose (1)

docker-compose.yml (1)

• sonarqube 10.7.0-community

dockerfile (2)

analysis/Dockerfile (1)

• sapmachine 25.0.2-jre-ubuntu

visualization/Dockerfile (1)

• nginx 1.29.5-alpine → [Updates: 1.29.7-alpine]

github-actions (13)

.github/workflows/check-licenses.yml (9)

• actions/setup-java v5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• MaibornWolff/secobserve_actions_templates 2025@eacb7af59653b127f4f926aff7e4d50de6089c10
• MaibornWolff/purl-patrol v1.6.2@fe0da8d7c02235dfdf3c52ec936873e57e37203d → [Updates: v1.6.6]
• actions/setup-node v6.2.0@6044e13b5dc448c55e2357c09f80417699197238 → [Updates: v6.3.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• MaibornWolff/secobserve_actions_templates 2025@eacb7af59653b127f4f926aff7e4d50de6089c10
• MaibornWolff/purl-patrol v1.6.2@fe0da8d7c02235dfdf3c52ec936873e57e37203d → [Updates: v1.6.6]
• node 24

.github/workflows/deploy-github-pages.yml (2)

• actions/checkout v6
• JamesIves/github-pages-deploy-action v4.8.0

.github/workflows/ghcr-analysis.yml (5)

• docker/login-action v3 → [Updates: v4]
• docker/login-action v3 → [Updates: v4]
• actions/checkout v6
• docker/login-action v3 → [Updates: v4]
• docker/login-action v3 → [Updates: v4]

.github/workflows/merge-gatekeeper.yml (1)

• upsidr/merge-gatekeeper v1

.github/workflows/prepare-release.yml (3)

• actions/checkout v6
• oven-sh/setup-bun v2
• peter-evans/create-pull-request v8

.github/workflows/release-analysis.yml (12)

• actions/checkout v6
• actions/setup-node v6
• actions/upload-artifact v7
• actions/checkout v6
• actions/download-artifact v8
• oven-sh/setup-bun v2
• actions/checkout v6
• actions/setup-node v6
• actions/download-artifact v8
• docker/login-action v3 → [Updates: v4]
• node 24
• node 24

.github/workflows/release-visualization.yml (16)

• actions/checkout v6
• actions/setup-node v6
• actions/upload-artifact v7
• actions/upload-artifact v7
• actions/checkout v6
• actions/download-artifact v8
• oven-sh/setup-bun v2
• actions/checkout v6
• actions/setup-node v6
• actions/download-artifact v8
• docker/login-action v3 → [Updates: v4]
• actions/checkout v6
• actions/download-artifact v8
• JamesIves/github-pages-deploy-action v4.8.0
• node 24
• node 24

.github/workflows/staging-analysis.yml (5)

• actions/checkout v6
• actions/setup-node v6
• docker/login-action v3 → [Updates: v4]
• docker/build-push-action v6 → [Updates: v7]
• node 24

.github/workflows/staging-visualization.yml (6)

• actions/checkout v6
• actions/setup-node v6
• docker/login-action v3 → [Updates: v4]
• docker/build-push-action v6 → [Updates: v7]
• JamesIves/github-pages-deploy-action v4.8.0
• node 24

.github/workflows/test_analysis.yml (4)

• actions/checkout v6
• actions/setup-node v6
• actions/setup-java v5.2.0
• node 24

.github/workflows/test_format.yml (4)

• actions/checkout v6
• actions/setup-node v6
• actions/cache v5
• node 24

.github/workflows/test_visualization.yml (13)

• actions/checkout v6
• actions/setup-node v6
• actions/cache v5
• actions/upload-artifact v7
• actions/checkout v6
• actions/setup-node v6
• actions/cache v5
• actions/upload-artifact v7
• actions/checkout v6
• actions/download-artifact v8
• SonarSource/sonarcloud-github-action v5.0.0
• node 24
• node 24

.github/workflows/unpublish-release.yml (4)

• actions/setup-node v6
• actions/checkout v6
• actions/checkout v6
• node 24

gradle (26)

analysis/analysers/AnalyserInterface/build.gradle.kts

analysis/analysers/exporters/CSVExporter/build.gradle.kts

analysis/analysers/filters/EdgeFilter/build.gradle.kts

analysis/analysers/filters/MergeFilter/build.gradle.kts

analysis/analysers/filters/StructureModifier/build.gradle.kts

analysis/analysers/importers/CodeMaatImporter/build.gradle.kts

analysis/analysers/importers/CoverageImporter/build.gradle.kts

analysis/analysers/importers/CSVImporter/build.gradle.kts

analysis/analysers/importers/DependaChartaImporter/build.gradle.kts

analysis/analysers/importers/SonarImporter/build.gradle.kts

analysis/analysers/importers/SourceMonitorImporter/build.gradle.kts

analysis/analysers/importers/TokeiImporter/build.gradle.kts

analysis/analysers/parsers/GitLogParser/build.gradle.kts

analysis/analysers/parsers/RawTextParser/build.gradle.kts

analysis/analysers/parsers/SourceCodeParser/build.gradle.kts

analysis/analysers/parsers/SVNLogParser/build.gradle.kts

analysis/analysers/parsers/UnifiedParser/build.gradle.kts (1)

• com.github.MaibornWolff:TreeSitterExcavationSite v0.2.0 → [Updates: v0.5.0]

analysis/analysers/tools/InspectionTool/build.gradle.kts

analysis/analysers/tools/ValidationTool/build.gradle.kts

analysis/build.gradle.kts

analysis/ccsh/build.gradle.kts

analysis/dialogProvider/build.gradle.kts

analysis/gradle.properties

analysis/gradle/libs.versions.toml (32)

• io.github.oshai:kotlin-logging-jvm 8.0.01
• org.jetbrains.kotlinx:kotlinx-coroutines-core 1.10.2
• org.junit.jupiter:junit-jupiter-api 6.0.3
• org.junit.jupiter:junit-jupiter-engine 6.0.3
• org.junit.jupiter:junit-jupiter-params 6.0.3
• org.junit.platform:junit-platform-launcher 6.0.3
• io.fastjson:boon 0.34
• org.slf4j:slf4j-simple 2.0.17
• info.picocli:picocli 4.7.7
• com.univocity:univocity-parsers 2.9.1
• com.varabyte.kotter:kotter-jvm 1.2.1
• com.varabyte.kotterx:kotter-test-support-jvm 1.2.1
• org.jetbrains.kotlin:kotlin-test 2.3.10 → [Updates: 2.3.20]
• org.jetbrains.kotlin:kotlin-reflect 2.3.10 → [Updates: 2.3.20]
• org.assertj:assertj-core 3.27.7
• io.mockk:mockk 1.14.9
• org.skyscreamer:jsonassert 1.5.3
• org.apache.commons:commons-lang3 3.20.0
• com.googlecode.juniversalchardet:juniversalchardet 1.0.3
• io.reactivex.rxjava2:rxjava 2.2.21
• org.glassfish.jersey.core:jersey-client 4.0.2
• com.google.code.gson:gson 2.13.2
• jakarta.ws.rs:jakarta.ws.rs-api 4.0.0
• org.wiremock:wiremock 3.13.2
• org.json:json 20251224
• org.apache.commons:commons-text 1.15.0
• com.github.everit-org.json-schema:org.everit.json.schema 1.14.4
• com.appmattus.crypto:cryptohash 1.0.2
• org.sonarqube 7.2.2.6593 → [Updates: 7.2.3.7755]
• org.jlleitschuh.gradle.ktlint 14.0.1 → [Updates: 14.2.0]
• org.jetbrains.kotlin.jvm 2.3.10 → [Updates: 2.3.20]
• org.cyclonedx.bom 3.2.0 → [Updates: 3.2.3]

analysis/model/build.gradle.kts

analysis/settings.gradle.kts (1)

• org.gradle.toolchains.foojay-resolver-convention 1.0.0

gradle-wrapper (1)

analysis/gradle/wrapper/gradle-wrapper.properties (1)

• gradle 9.3.1 → [Updates: 9.4.1]

nodenv (1)

visualization/.node-version (1)

• node 24.14.0 → [Updates: 24.14.1]

npm (3)

analysis/node-wrapper/package.json (3)

• makeshift ^1.1.0
• shelljs ^0.10.0
• node >=20

package.json (7)

• @biomejs/biome 2.4.4 → [Updates: 2.4.10]
• @commitlint/cli ^20.0.0
• @commitlint/config-conventional ^20.0.0
• badge-maker ^5.0.0
• husky ^9.0.0
• lint-staged ^16.0.0
• node >=20

visualization/package.json (72)

• @angular/animations ^21.1.2
• @angular/cdk ^21.1.2
• @angular/common ^21.1.2
• @angular/core ^21.1.2 → [Updates: ^21.1.2]
• @angular/forms ^21.1.2
• @angular/material ^21.1.2
• @angular/platform-browser ^21.1.2
• @angular/platform-browser-dynamic ^21.1.2
• @angular/router ^21.1.2
• @ngrx/effects ^21.0.1
• @ngrx/operators ^21.0.1
• @ngrx/store ^21.0.1
• @ngrx/store-devtools ^21.0.1
• @tailwindcss/postcss ^4.1.18
• @types/d3 ^7.4.3
• ajv ^8.17.1
• color-convert ^3.1.3
• d3 ^7.9.0
• d3-hierarchy ^3.0.0
• dequal ^2.0.3
• electron 40.6.1 → [Updates: 40.8.5, 41.1.1]
• fake-indexeddb ^6.2.5
• fflate ^0.8.2
• font-awesome ^4.7.0
• hotkeys-js ^4.0.0
• html2canvas-pro ^2.0.0
• idb ^8.0.3
• ignore ^7.0.5
• klona ^2.0.6
• marked-mangle ^1.1.12
• material-icons ^1.13.14
• md5 ^2.3.0
• ngx-color ^10.1.0
• pako ^2.1.0
• percent-round ^2.3.1
• qrcode ^1.5.4
• rxjs ^7.5.1
• safe-stable-stringify ^2.5.0
• shelljs ^0.10.0
• tailwindcss ^4.1.15
• typescript-json-schema 0.67.1
• zone.js ^0.16.0
• @angular/build ^21.1.2
• @angular/cli ^21.1.2
• @angular/compiler ^21.1.2 → [Updates: ^21.1.2]
• @angular/compiler-cli ^21.1.2
• @babel/plugin-transform-class-static-block ^7.28.6
• @cyclonedx/cyclonedx-npm ^4.1.2
• @electron/get ^4.0.2
• @electron/packager ^19.0.2
• @playwright/test ^1.58.0
• @testing-library/angular ^19.0.0
• @testing-library/user-event ^14.6.1
• @types/jest ^30.0.0
• @types/node ^24.10.9
• autoprefixer ^10.4.23
• bestzip ^2.2.1
• daisyui ^5.5.14
• dependency-cruiser ^17.3.7
• fast-xml-parser ^5.3.4 → [Updates: ^5.3.4]
• html-loader ^5.1.0
• jest ^30.2.0
• jest-canvas-mock ^2.5.2
• jest-environment-jsdom ^30.2.0
• jest-preset-angular 16.1.1 → [Updates: 16.1.2]
• marked ^17.0.0 → [Updates: ^18.0.0]
• postcss ^8.5.6
• ts-jest ^29.4.6
• typescript 5.9.3 → [Updates: 6.0.2]
• webpack-glsl-loader ^1.0.1
• @rollup/rollup-linux-x64-gnu ^4.24.2
• node >=20

ruby-version (1)

gh-pages/.ruby-version (1)

• ruby 4.0.1 → [Updates: 4.0.2]

---

• Check this box to trigger a request for Renovate to run again on this repository