Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/opendefensecloud/ocm-kit).

## Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

 - [ ] Update docker/login-action digest to 650006c
 - [ ] Update docker/metadata-action digest to 80c7e94
 - [ ] Update docker/setup-buildx-action digest to d7f5e7f
 - [ ] 🔐 **Create all rate-limited PRs at once** 🔐

## Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

 - [ ] [Pin gcr.io/distroless/static Docker tag to 963fa6c](../pull/52)
 - [ ] [Update docker/build-push-action digest to f9f3042](../pull/53)
 - [ ] [Update golangci/golangci-lint-action digest to 82606bf](../pull/55)
 - [ ] [Update golang version sync](../pull/43) (`go`, `golang`)
 - [ ] [Update google/osv-scanner-action action to v2.3.8](../pull/45)
 - [ ] [Update module github.com/ThalesGroup/crypto11 to v1.6.1](../pull/54)
 - [ ] [Update module osv-scanner to v2.3.8](../pull/44)
 - [ ] [Update module ocm to v0.42.0](../pull/46)
 - [ ] [Update module ocm.software/ocm to v0.42.0](../pull/47)
 - [ ] [Update actions/checkout action to v6](../pull/51)
 - [ ] **Click on this checkbox to rebase all open PRs at once**

## Detected Dependencies

<details><summary>dockerfile (1)</summary>
<blockquote>

<details><summary>Dockerfile (2)</summary>

 - `golang 1.26` → [Updates: `1.26`]
 - `gcr.io/distroless/static nonroot` → [Updates: `nonroot`]

</details>

</blockquote>
</details>

<details><summary>github-actions (8)</summary>
<blockquote>

<details><summary>.github/workflows/conventional-commits.yml (3)</summary>

 - `amannn/action-semantic-pull-request v6@48f256284bd46cdaab1048c3721360e808335d50`
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `wagoid/commitlint-github-action v6@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed`

</details>

<details><summary>.github/workflows/golang.yaml (9)</summary>

 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `golangci/golangci-lint-action v9@1e7e51e771db61008b38414a730f564565cf7c20` → [Updates: `v9`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `jandelgado/gcov2lcov-action v1.2.0@e4612787670fc5b5f49026b8c29c5569921de1db`
 - `coverallsapp/github-action v2.3.7@5cbfd81b66ca5d10c19b062c04de0199c215fb6e`
 - `go ${{ steps.get-go-version.outputs.version }}`
 - `go ${{ needs.lint.outputs.go-version }}`

</details>

<details><summary>.github/workflows/issues-add-labels.yaml</summary>


</details>

<details><summary>.github/workflows/issues-add-to-project.yml (1)</summary>

 - `actions/add-to-project v2@5afcf98fcd03f1c2f92c3c83f58ae24323cc57fd`

</details>

<details><summary>.github/workflows/osv-scanner.yml (2)</summary>

 - `google/osv-scanner-action v2.3.5@c51854704019a247608d928f370c98740469d4b5` → [Updates: `v2.3.8`]
 - `google/osv-scanner-action v2.3.5@c51854704019a247608d928f370c98740469d4b5` → [Updates: `v2.3.8`]

</details>

<details><summary>.github/workflows/release-drafter.yaml (1)</summary>

 - `release-drafter/release-drafter v7@c2e2804cc59f45f57076a99af580d0fedb697927`

</details>

<details><summary>.github/workflows/release.yaml (10)</summary>

 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `softprops/action-gh-release v3@b4309332981a82ec1c5618f44dd2e27cc8bfbfda`
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `docker/setup-qemu-action v4@ce360397dd3f832beb865e1373c09c0e9f86d70a`
 - `docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd` → [Updates: `v4`]
 - `docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121` → [Updates: `v4`]
 - `docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf` → [Updates: `v6`]
 - `docker/build-push-action v7@bcafcacb16a39f128d818304e6c9c0c18556b85f` → [Updates: `v7`]
 - `go ${{ steps.get-go-version.outputs.version }}`

</details>

<details><summary>.github/workflows/update-action-pins.yml (1)</summary>

 - `actions/checkout v4@34e114876b0b11c390a56381ad16ebd13914f8d5` → [Updates: `v6`]

</details>

</blockquote>
</details>

<details><summary>gomod (1)</summary>
<blockquote>

<details><summary>go.mod (6)</summary>

 - `go 1.26.2` → [Updates: `1.26.3`]
 - `github.com/Masterminds/sprig/v3 v3.3.0`
 - `github.com/spf13/cobra v1.10.2`
 - `ocm.software/ocm v0.41.0` → [Updates: `v0.42.0`]
 - `sigs.k8s.io/yaml v1.6.0`
 - `github.com/ThalesGroup/crypto11 v1.6.0` → [Updates: `v1.6.1`]

</details>

</blockquote>
</details>

<details><summary>regex (3)</summary>
<blockquote>

<details><summary>flake.nix (1)</summary>

 - `go 1.26.2` → [Updates: `1.26.3`]

</details>

<details><summary>Makefile (1)</summary>

 - `opendefensecloud/dev-kit v1.0.7`

</details>

<details><summary>tools.lock (3)</summary>

 - `golangci-lint v2.12.2`
 - `ocm v0.40.0` → [Updates: `v0.42.0`]
 - `osv-scanner v2.3.7` → [Updates: `v2.3.8`]

</details>

</blockquote>
</details>

<details><summary>renovate-config (1)</summary>
<blockquote>

<details><summary>renovate.json</summary>


</details>

</blockquote>
</details>

---

- [ ] Check this box to trigger a request for Renovate to run again on this repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependency Dashboard #12

Rate-Limited

Open

Detected Dependencies

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Dependency Dashboard #12

Description

Rate-Limited

Open

Detected Dependencies

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions