Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update module github.com/fluxcd/helm-controller/api to v1.5.4
• chore(deps): update module github.com/fluxcd/kustomize-controller/api to v1.8.4
• chore(deps-dev): update aquasecurity/trivy-action action to v0.36.0
• chore(deps-dev): update step-security/harden-runner action to v2.19.0
• chore(deps): update kubernetes monorepo to v0.36.0 (k8s.io/api, k8s.io/apimachinery, k8s.io/cli-runtime, k8s.io/client-go, k8s.io/kubectl)

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update alpine:3.23 docker digest to 5b10f43
• chore(deps-dev): update dependency go to 1.26.x
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• alpine 3.23@sha256:25109184c71bdad752c8312a8623239686a9a2071e8825f20acb8f2198c3f659 → [Updates: 3.23]

github-actions (11)

.github/workflows/main.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• shogo82148/actions-goveralls v1.11.0@9606dbc5ac5cf888a0e9ef901515c3cd516a2790
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/pr-actions.yaml (3)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• zgosalvez/github-actions-ensure-sha-pinned-actions v5.0.4@ca46236c6ce584ae24bc6283ba8dcf4b3ec8a066

.github/workflows/pr-build.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• shogo82148/actions-goveralls v1.11.0@9606dbc5ac5cf888a0e9ef901515c3cd516a2790
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/pr-goreleaser.yaml (3)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• goreleaser/goreleaser-action v7.1.0@e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c

.github/workflows/pr-label.yaml (1)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]

.github/workflows/pr-stale.yaml (2)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/stale v10.2.0@b5d41d4e1d5dceea10e7104786b73624c18a190f

.github/workflows/pr-trivy.yaml (3)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• aquasecurity/trivy-action 0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 → [Updates: v0.36.0]
• github/codeql-action v4.35.2@95e58e9a2cdfd71adc6e0353d5c52f41a045d225

.github/workflows/rebase.yaml (3)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• cirrus-actions/rebase 1.8@b87d48154a87a85666003575337e27b8cd65f691

.github/workflows/release.yaml (7)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121
• sigstore/cosign-installer v4.1.1@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003
• anchore/sbom-action v0.24.0@e22c389904149dbc22b58101806040fa8d37a610
• goreleaser/goreleaser-action v7.1.0@e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/scan.yaml (5)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818

.github/workflows/scorecard.yaml (5)

• step-security/harden-runner v2.18.0@6c3c2f2c1c457b00c10c4848d6f5491db3b629df → [Updates: v2.19.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• github/codeql-action v4.35.2@95e58e9a2cdfd71adc6e0353d5c52f41a045d225

gomod (1)

go.mod (13)

• go 1.25.0
• github.com/fluxcd/helm-controller/api v1.5.3 → [Updates: v1.5.4]
• github.com/fluxcd/kustomize-controller/api v1.8.3 → [Updates: v1.8.4]
• github.com/spf13/cobra v1.10.2
• github.com/stretchr/testify v1.11.1
• gotest.tools/v3 v3.5.2
• k8s.io/api v0.35.4 → [Updates: v0.36.0]
• k8s.io/apimachinery v0.35.4 → [Updates: v0.36.0]
• k8s.io/cli-runtime v0.35.4 → [Updates: v0.36.0]
• k8s.io/client-go v0.35.4 → [Updates: v0.36.0]
• k8s.io/klog/v2 v2.140.0
• k8s.io/kubectl v0.35.4 → [Updates: v0.36.0]
• sigs.k8s.io/cli-utils v0.37.2

homebrew (1)

Formula/gitops-zombies.rb (1)

• raffis/gitops-zombies v0.1.1

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository