Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Deprecations / Replacements

Warning

These dependencies are either deprecated or have replacements available:

Datasource	Package	Replacement PR?
npm	@react-grab/cursor

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (32)

Datasource	Package	Last Updated
github-actions	reviewdog/action-shfmt	2025-03-18
npm	@emotion/react	2024-12-09
npm	@semantic-release/changelog	2023-03-23
npm	@semantic-release/git	2021-10-30
npm	@svgr/webpack	2023-08-15
npm	class-variance-authority	2024-11-26
npm	clsx	2024-04-23
npm	cmdk	2025-03-14
npm	date-fns	2024-09-17
npm	date-fns-tz	2024-09-30
npm	husky	2024-11-18
npm	input-otp	2025-01-06
npm	react-markdown	2025-03-07
npm	rehype-autolink-headings	2023-11-08
npm	rehype-slug	2023-08-31
npm	remark-gfm	2025-02-10
npm	rss-parser	2023-04-11
npm	semantic-release-major-tag	2023-05-29
npm	server-only	2022-09-03
npm	tailwindcss-animate	2023-08-28
npm	vaul	2024-12-14
pep621	loguru	2024-12-06
pep621	pytest-testinfra	2025-03-30

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• chore(deps): update node.js to v20
• chore(deps): update node.js to v22
• chore(deps): update actions to v4 (major) (docker/login-action, docker/setup-buildx-action, github/codeql-action, hashicorp/setup-terraform)
• chore(deps): update actions to v6 (major) (astral-sh/setup-uv, codecov/codecov-action, docker/metadata-action)
• chore(deps): update actions to v7 (major) (astral-sh/setup-uv, docker/build-push-action)
• chore(deps): update amir20/dozzle docker tag to v9
• chore(deps): update amir20/dozzle docker tag to v10
• chore(deps): update dependency lucide-react to v1
• chore(deps): update pnpm/action-setup to v5
• fix(deps): update dependency @stepperize/react to v6
• fix(deps): update dependency undici to v8
• 🔐 Create all pending approval PRs at once 🔐

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): pin dependencies (node, pnpm)
• fix(deps): update patch (drizzle-orm, recharts, undici)
• chore(deps): update minor (@sentry/nextjs, @sentry/node-native, @sentry/profiling-node, @tanstack/react-query, react-resizable-panels, wrangler)
• chore(deps): update node runtime to v24 (major)
• chore(deps): pin dependencies (adminer, alpine, amir20/dozzle, composer, coturn/coturn, debian, drakkan/sftpgo, ghcr.io/astral-sh/uv, ghcr.io/thelounge/thelounge, goacme/lego, grafana/alloy, grafana/grafana, grafana/loki, grafana/mimir, influxdb, jc21/nginx-proxy-manager, lscr.io/linuxserver/librespeed, networkstatic/iperf3, nginx, nginxinc/nginx-unprivileged, postgres, prom/blackbox-exporter, spx01/blocky, trafex/php-nginx, twinproduction/gatus)
• chore(deps): update actions (actions/cache, actions/setup-node, astral-sh/setup-uv, codecov/codecov-action, docker/build-push-action, docker/login-action, docker/metadata-action, docker/setup-buildx-action, github/codeql-action, pnpm/action-setup, reviewdog/action-actionlint, rmuir/uv-dependency-submission, step-security/harden-runner)
• chore(deps): update dependency alchemy to v0.90.1
• chore(deps): update dependency lucide-react to ^0.577.0
• chore(deps): lock file maintenance
• chore(deps): lock file maintenance
• chore(deps): update dependency vitest to v4.1.2
• chore(deps): update dev-deps (@cloudflare/vitest-pool-workers, @react-grab/cursor, @tanstack/react-query-devtools, @vitest/coverage-v8, drizzle-kit, knip, mint, oxfmt, oxlint, oxlint-tsgolint, shadcn, turbo, vitest)
• chore(deps): update types (@cloudflare/workers-types, discord-api-types)
• 🔐 Create all awaiting schedule PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• fix(deps): update dependency marked to v18

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency lodash to v4.18.1 [security]

Vulnerabilities

Important

4/32 CVEs have Renovate fixes.

npm

packages/ui/package.json

next

• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h

pnpm-workspace.yaml

next

• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h
• GHSA-5f7q-jpqc-wp7h

Detected Dependencies

docker-compose (15)

apps/portal/compose.yaml (4)

• postgres 18 → [Updates: 18]
• postgres 18-alpine → [Updates: 18-alpine]
• postgres 18-alpine → [Updates: 18-alpine]
• adminer latest → [Updates: latest]

compose.dev-override.yaml

compose.prod-override.yaml

compose.yaml (1)

• amir20/dozzle v8 → [Updates: v9, v10, v8]

infra/cert-manager.yaml (1)

• goacme/lego v4.32.0 → [Updates: v4.33.0, v4.32.0]

infra/chat/chat-bridge.yaml

infra/chat/chat-fluux.yaml

infra/chat/chat-irc.yaml

infra/chat/chat-lounge.yaml (1)

• ghcr.io/thelounge/thelounge 4.4.3 → [Updates: 4.4.3]

infra/chat/chat-obsidian.yaml

infra/chat/chat-xmpp.yaml

infra/network/network.yaml (7)

• coturn/coturn unknown version → [Updates: undefined]
• jc21/nginx-proxy-manager latest → [Updates: latest]
• spx01/blocky unknown version → [Updates: undefined]
• twinproduction/gatus unknown version → [Updates: undefined]
• drakkan/sftpgo unknown version → [Updates: undefined]
• lscr.io/linuxserver/librespeed unknown version → [Updates: undefined]
• networkstatic/iperf3 unknown version → [Updates: undefined]

infra/networks.yaml

infra/observability/observability.yaml (6)

• grafana/alloy latest → [Updates: latest]
• grafana/loki 3.6.0 → [Updates: 3.7.1, 3.6.0]
• grafana/mimir latest → [Updates: latest]
• grafana/grafana latest → [Updates: latest]
• influxdb 3-core → [Updates: 3-core]
• prom/blackbox-exporter latest → [Updates: latest]

services/observability/alloy-agent/compose.yaml (1)

• grafana/alloy latest → [Updates: latest]

dockerfile (12)

apps/bridge/Containerfile (2)

• python 3.12-slim → [Updates: 3.14-slim, 3.12-slim]
• ghcr.io/astral-sh/uv 0.9.18 → [Updates: 0.11.3, 0.9.18]

apps/portal/Containerfile (4)

• node 22-alpine@sha256:e4bf2a82ad0a4037d28035ae71529873c069b13eb0455466ae0bc13363826e34 → [Updates: 24-alpine, 22-alpine]
• node 22-alpine@sha256:e4bf2a82ad0a4037d28035ae71529873c069b13eb0455466ae0bc13363826e34 → [Updates: 24-alpine, 22-alpine]
• node 22-alpine@sha256:e4bf2a82ad0a4037d28035ae71529873c069b13eb0455466ae0bc13363826e34 → [Updates: 24-alpine, 22-alpine]
• node 22-alpine@sha256:e4bf2a82ad0a4037d28035ae71529873c069b13eb0455466ae0bc13363826e34 → [Updates: 24-alpine, 22-alpine]

infra/nginx/Dockerfile (1)

• nginx 1.27-alpine → [Updates: 1.29-alpine, 1.27-alpine]

services/chat/irc-client-gamja/Containerfile (1)

• node 22-alpine3.21 → [Updates: 24-alpine3.21, 22-alpine3.21]

services/chat/irc-client-obsidian/Containerfile (2)

• node 23-alpine → [Updates: 24-alpine, 23-alpine]
• nginx alpine → [Updates: alpine]

services/chat/irc-server/Containerfile (2)

• alpine 3.23@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 → [Updates: 3.23]
• alpine 3.23@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 → [Updates: 3.23]

services/chat/irc-services/Containerfile (2)

• alpine 3.23@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 → [Updates: 3.23]
• alpine 3.23@sha256:51183f2cfa6320055da30872f211093f9ff1d3cf06f39a0bdb212314c5dc7375 → [Updates: 3.23]

services/chat/irc-webpanel/Containerfile (2)

• composer 2 → [Updates: 2]
• trafex/php-nginx 3.10.0 → [Updates: 3.11.1, 3.10.0]

services/chat/xmpp-client-fluux/Containerfile (2)

• node 22-alpine → [Updates: 24-alpine, 22-alpine]
• nginx 1-alpine → [Updates: 1-alpine]

services/chat/xmpp-server/Containerfile (2)

• debian bookworm-slim → [Updates: bookworm-slim]
• debian bookworm-slim → [Updates: bookworm-slim]

services/tools/hckrnws/Containerfile (2)

• node 18-alpine → [Updates: 20-alpine, 22-alpine, 24-alpine, 18-alpine]
• node 18-alpine → [Updates: 20-alpine, 22-alpine, 24-alpine, 18-alpine]

services/tools/jsoncrack/Containerfile (2)

• node 24-alpine → [Updates: 24-alpine]
• nginxinc/nginx-unprivileged stable → [Updates: stable]

github-actions (22)

.github/actions/setup-node-pnpm/action.yml (4)

• pnpm/action-setup v4@41ff72655975bd51cab0327fa583b6e92b6d3061 → [Updates: v5, v4]
• actions/setup-node v6@6044e13b5dc448c55e2357c09f80417699197238 → [Updates: v6]
• pnpm ${{ inputs.pnpm-version }}
• node ${{ inputs.node-version }}

.github/workflows/chat-ci.yml (11)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• astral-sh/setup-uv v5@6b9c6063abd6010835c3544eaaeab6a6af3f3f0d → [Updates: v6, v7, v5]
• codecov/codecov-action v5@671740ac38dd9b0130fbe1cec585b89eea48d3de → [Updates: v6, v5]
• codecov/test-results-action v1@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/chat-web-ci.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rharkor/caching-for-turbo v2.3.11@0abc2381e688c4d2832f0665a68a01c6e82f0d6c

.github/workflows/chat-web-deploy.yml (2)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/codeql.yml (5)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v3.34.1@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 → [Updates: v3.35.1, v4.35.1]
• github/codeql-action v3.34.1@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 → [Updates: v3.35.1, v4.35.1]
• github/codeql-action v3.34.1@ebcb5b36ded6beda4ceefea6a8bc4cc885255bb3 → [Updates: v3.35.1, v4.35.1]

.github/workflows/dependency-review.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v4.9.0@2031cfc080254a8a887f58cffee85186f0e49e48

.github/workflows/dependency-submission.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rmuir/uv-dependency-submission v1.0.0@1c48aaac13e566e39fd04269ff1900b86c1105c5 → [Updates: v1.0.1]

.github/workflows/docs-ci.yml (2)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/lint-infra.yml (12)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-actionlint v1.71.0@0d952c597ef8459f634d7145b0b044a9699e5e43 → [Updates: v1.72.0]
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-hadolint v1.50.5@921946a7ebaaf08ac72607bad67209f4e52b5407
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-shellcheck v1.32@4c07458293ac342d477251099501a718ae5ef86e
• reviewdog/action-shfmt v1.0.4@d8f080930b9be5847b4f97e9f4122b81a82aaeac

.github/workflows/portal-ci.yml (19)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rharkor/caching-for-turbo v2.3.11@0abc2381e688c4d2832f0665a68a01c6e82f0d6c
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rharkor/caching-for-turbo v2.3.11@0abc2381e688c4d2832f0665a68a01c6e82f0d6c
• actions/cache v5@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 → [Updates: v5]
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rharkor/caching-for-turbo v2.3.11@0abc2381e688c4d2832f0665a68a01c6e82f0d6c
• codecov/codecov-action v5@671740ac38dd9b0130fbe1cec585b89eea48d3de → [Updates: v6, v5]
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/portal-deploy.yml (8)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v3@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 → [Updates: v4, v3]
• docker/login-action v3@74a5d142397b4f367a81961eba4e8cd7edddf772 → [Updates: v4, v3]
• docker/build-push-action v6@14487ce63c7a62a4a324b0bfb37086795e31c6c1 → [Updates: v7, v6]
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• appleboy/ssh-action v1@0ff4204d59e8e51228ff73bce53f80d53301dee2

.github/workflows/portal-maintenance.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• alstr/todo-to-issue-action v5.1.14@64aca8fda7023259aada83ba44ad988c4c443657

.github/workflows/portal-migrate.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• appleboy/ssh-action v1@0ff4204d59e8e51228ff73bce53f80d53301dee2

.github/workflows/portal-rollback.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• appleboy/ssh-action v1@0ff4204d59e8e51228ff73bce53f80d53301dee2

.github/workflows/pr-label.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/labeler v6.0.1@634933edcd8ababfe52f92936142cc22ac488b1b

.github/workflows/pr-title.yml (1)

• amannn/action-semantic-pull-request v6.1.1@48f256284bd46cdaab1048c3721360e808335d50

.github/workflows/pubnix-ci.yml (5)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• astral-sh/setup-uv v5@6b9c6063abd6010835c3544eaaeab6a6af3f3f0d → [Updates: v6, v7, v5]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• hashicorp/setup-terraform v3@b9cd54a3c349d3f38e8881555d616ced269862dd → [Updates: v4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/reusable-docker-build.yml (6)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v3@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 → [Updates: v4, v3]
• docker/login-action v3@74a5d142397b4f367a81961eba4e8cd7edddf772 → [Updates: v4, v3]
• docker/metadata-action v5@902fa8ec7d6ecbf8d84d538b9b233a880e428804 → [Updates: v6, v5]
• docker/build-push-action v6@14487ce63c7a62a4a324b0bfb37086795e31c6c1 → [Updates: v7, v6]
• actions/attest-build-provenance v4.1.0@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32

.github/workflows/reusable-py-check.yml (3)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• astral-sh/setup-uv v5@6b9c6063abd6010835c3544eaaeab6a6af3f3f0d → [Updates: v6, v7, v5]

.github/workflows/tools-ci.yml (4)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/tools-deploy.yml (2)

• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/web-deploy.yml (6)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.16.0@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 → [Updates: v2.16.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

mise (1)

mise.toml (1)

• node 24

npm (18)

apps/chat-web/package.json (1)

• @cloudflare/workers-types ^4.20260317.1 → [Updates: ^4.20260317.1]

apps/docs/package.json (1)

• mint ^4.2.447 → [Updates: ^4.2.447]

apps/portal/package.json (71)

• @base-ui/react ^1.3.0
• @better-auth/api-key ^1.6.0
• @better-auth/oauth-provider ^1.6.0
• @better-auth/passkey ^1.6.0
• @daveyplate/better-auth-tanstack ^1.3.6
• @daveyplate/better-auth-ui ^3.4.0
• @hookform/resolvers ^5.2.2
• @next/bundle-analyzer ^16.2.1 → [Updates: ^16.2.1]
• @sentry/nextjs ^10.45.0 → [Updates: ^10.45.0]
• @sentry/node-native ^10.45.0 → [Updates: ^10.45.0]
• @sentry/profiling-node ^10.45.0 → [Updates: ^10.45.0]
• @t3-oss/env-nextjs ^0.13.11
• @tanstack/react-query ^5.95.2 → [Updates: ^5.95.2]
• @tanstack/react-table ^8.21.3
• better-auth ^1.6.0
• cmdk ^1.1.1
• date-fns ^4.1.0
• date-fns-tz ^3.2.0
• dotenv ^17.3.1 → [Updates: ^17.3.1]
• drizzle-orm 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]
• drizzle-seed ^0.3.1
• embla-carousel-react ^8.6.0
• input-otp ^1.4.2
• lodash ^4.17.23 → [Updates: ^4.17.23]
• next-intl ^4.8.3 → [Updates: ^4.8.3]
• next-themes ^0.4.6
• nuqs ^2.8.9
• pg ^8.20.0
• pg-native ^3.7.0
• react 19.2.4
• react-day-picker ^9.14.0
• react-dom 19.2.4
• react-error-boundary ^6.1.1
• react-hook-form ^7.72.0 → [Updates: ^7.72.0]
• react-icons ^5.6.0
• react-resizable-panels ^4.7.5 → [Updates: ^4.7.5]
• react-scan ^0.5.3
• recharts 3.8.0 → [Updates: 3.8.1]
• rss-parser ^3.13.0
• schema-dts ^2.0.0
• server-only ^0.0.1
• sonner ^2.0.7
• undici ^7.24.5 → [Updates: ^7.24.5, ^8.0.0]
• vaul ^1.1.2
• zod ^4.3.6
• zod-validation-error ^5.0.0
• @react-grab/cursor ^0.1.28 → [Updates: ^0.1.28]
• @semantic-release/changelog ^6.0.3
• @semantic-release/exec ^7.1.0
• @semantic-release/git ^10.0.1
• @tanstack/react-query-devtools ^5.95.2 → [Updates: ^5.95.2]
• @testing-library/jest-dom ^6.9.1
• @testing-library/react ^16.3.2
• @types/lodash ^4.17.24
• @types/pg ^8.20.0
• @vitest/coverage-v8 ^4.1.1 → [Updates: ^4.1.1]
• discord-api-types ^0.38.42 → [Updates: ^0.38.42]
• drizzle-kit 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]
• fast-check ^4.6.0
• jsdom ^29.0.1 → [Updates: ^29.0.1]
• next-devtools-mcp ^0.3.10
• semantic-release ^25.0.3
• semantic-release-major-tag ^0.3.2
• shadcn ^4.1.0 → [Updates: ^4.1.0]
• tsx ^4.21.0
• turbo ^2.8.20 → [Updates: ^2.8.20]
• ultracite 7.4.3
• vitest ^4.1.1 → [Updates: ^4.1.1]
• node >=24.0.0
• pnpm >=10.0.0
• pnpm 10.28.2 → [Updates: 10.33.0]

apps/portal/packages/api/package.json (5)

• @tanstack/react-query ^5.95.2 → [Updates: ^5.95.2]
• drizzle-orm 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]
• zod ^4.3.6
• zod-validation-error ^5.0.0
• server-only ^0.0.1

apps/portal/packages/db/package.json (8)

• @t3-oss/env-nextjs ^0.13.11
• drizzle-orm 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]
• pg ^8.20.0
• server-only ^0.0.1
• zod ^4.3.6
• @types/pg ^8.20.0
• dotenv ^17.3.1 → [Updates: ^17.3.1]
• drizzle-kit 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]

apps/portal/packages/email/package.json

apps/portal/packages/observability/package.json (4)

• @sentry/nextjs ^10.45.0 → [Updates: ^10.45.0]
• @t3-oss/env-nextjs ^0.13.11
• zod ^4.3.6
• server-only ^0.0.1

apps/portal/packages/schemas/package.json (3)

• drizzle-orm 1.0.0-beta.15-859cf75 → [Updates: 1.0.0-beta.9-e89174b]
• zod ^4.3.6
• zod-validation-error ^5.0.0

apps/portal/packages/seo/package.json (4)

• schema-dts ^2.0.0
• @types/lodash ^4.17.24
• lodash ^4.17.23 → [Updates: ^4.17.23]
• react 19.2.4

apps/portal/packages/types/package.json (1)

• react 19.2.4

apps/portal/packages/utils/package.json (1)

• date-fns ^4.1.0

apps/tools-web/package.json (1)

• @cloudflare/workers-types ^4.20260317.1 → [Updates: ^4.20260317.1]

apps/web/package.json (53)

• @emotion/react ^11.14.0
• @emotion/styled ^11.14.1
• @hookform/resolvers ^5.2.2
• @mdx-js/loader ^3.1.1
• @mdx-js/react ^3.1.1
• @mondaydotcomorg/api ^14.0.0
• @next/mdx ^16.2.1
• @next/third-parties ^16.2.1
• @react-three/fiber ^9.5.0
• @stepperize/react ^5.1.9 → [Updates: ^6.0.0]
• @t3-oss/env-nextjs ^0.13.11
• @tabler/icons-react ^3.40.0
• @tailwindcss/typography ^0.5.19
• contentlayer2 ^0.5.8
• date-fns ^4.1.0
• embla-carousel-auto-scroll ^8.6.0
• embla-carousel-react ^8.6.0
• feed ^5.2.0
• globals ^17.4.0
• graphql ^16.13.1
• graphql-request ^7.4.0
• marked ^17.0.5 → [Updates: ^18.0.0]
• motion ^12.38.0
• next-contentlayer2 ^0.5.8
• next-themes ^0.4.6
• node-quickbooks ^2.0.48
• react 19.2.4
• react-dom 19.2.4
• react-hook-form ^7.72.0
• react-icons ^5.6.0
• react-markdown ^10.1.0
• rehype-autolink-headings ^7.1.0
• rehype-slug ^6.0.0
• remark-gfm ^4.0.1
• shadcn ^4.1.0
• three ^0.183.2
• trigger.dev ^4.4.3
• zod ^4.3.6
• @cloudflare/vitest-pool-workers ^0.13.3 → [Updates: ^0.14.0]
• @cloudflare/workers-types ^4.20260317.1 → [Updates: ^4.20260317.1]
• @opennextjs/cloudflare ^1.17.3
• @svgr/webpack ^8.1.0
• @types/mdx ^2.0.13
• @types/three ^0.183.1
• @types/webpack ^5.28.5
• @vitest/coverage-v8 ^4.1.1
• dotenv ^17.3.1
• open ^11.0.0
• ts-node ^10.9.2
• vitest ^4.1.1
• node >=24.0.0
• pnpm >=10.0.0
• pnpm 10.28.2 → [Updates: 10.33.0]

package.json (16)

• @commitlint/cli ^20.5.0
• @commitlint/config-conventional ^20.5.0
• @commitlint/types ^20.5.0
• @intellectronica/ruler ^0.3.38
• husky ^9.1.7
• knip ^6.0.6 → [Updates: ^6.0.6]
• lint-staged ^16.4.0
• oxfmt ^0.41.0 → [Updates: ^0.43.0]
• oxlint ^1.56.0 → [Updates: ^1.56.0]
• oxlint-tsgolint ^0.17.2 → [Updates: ^0.19.0]
• turbo ^2.8.20 → [Updates: ^2.8.20]
• ultracite 7.4.3
• node >=24.0.0
• pnpm >=10.0.0
• pnpm 10.28.2 → [Updates: 10.33.0]
• zod 4.3.6

packages/fibery/package.json

packages/tools-manifest/package.json

packages/ui/package.json (17)

• @base-ui/react ^1.3.0
• cmdk ^1.1.1
• date-fns ^4.1.0
• embla-carousel-auto-scroll ^8.6.0
• embla-carousel-react ^8.6.0
• input-otp ^1.4.2
• react-day-picker ^9.14.0
• react-resizable-panels ^4.7.5 → [Updates: ^4.7.5]
• recharts 3.8.0 → [Updates: 3.8.1]
• sonner ^2.0.7
• vaul ^1.1.2
• next-themes ^0.4.6
• next >=16.0.0
• next-themes ^0.4.0
• react ^19.0.0
• react-dom ^19.0.0
• react-hook-form ^7.0.0

pnpm-workspace.yaml (20)

• @radix-ui/react-slot ^1.1.0
• @tailwindcss/postcss ^4.2.2
• @types/node ^25.5.0 → [Updates: ^25.5.0]
• @types/react ^19.2.14
• @types/react-dom ^19.2.3
• alchemy ^0.90.0 → [Updates: ^0.90.0]
• class-variance-authority ^0.7.1
• clsx ^2.1.1
• lucide-react ^0.564.0 → [Updates: ^0.577.0, ^1.0.0]
• next 16.2.1 → [Updates: 16.2.2]
• postcss ^8.5.8
• react ^19.2.4
• react-dom ^19.2.4
• tailwind-merge ^3.5.0
• tailwindcss ^4.2.2
• tailwindcss-animate ^1.0.7
• tw-animate-css ^1.4.0
• typescript 6.0.2
• vitest ^4.1.1 → [Updates: ^4.1.1]
• wrangler ^4.76.0 → [Updates: ^4.76.0]

pep621 (3)

apps/bridge/pyproject.toml (13)

• python >=3.10
• discord.py >=2.7.1
• slixmpp >=1.14.1
• httpx >=0.28.1
• pyyaml >=6.0.3
• python-dotenv >=1.2.2
• cachetools >=7.0.5
• loguru >=0.7.3
• tenacity >=9.1.4
• pydle >=1.1.0
• uvloop >=0.22.1
• privatebin >=0.3.0
• basedpyright >=1.39.0

infra/sh/pyproject.toml (5)

• python >=3.11
• ansible-lint >=25.0.0
• molecule >=24.0.0
• molecule-plugins >=23.0.0
• pytest-testinfra >=10.0.0

pyproject.toml (1)

• python >=3.11

---

• Check this box to trigger a request for Renovate to run again on this repository