Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository Problems

These problems occurred while renovating this repository. View logs.

• ⚠️ WARN: Package lookup failures

Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

View abandoned dependencies (23)

[!NOTE]
Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

Datasource	Package	Last Updated
github-actions	actions/delete-package-versions	2024-02-07
github-actions	release-flow/keep-a-changelog-action	2024-02-04
github-actions	reviewdog/action-markdownlint	2025-03-18
github-actions	reviewdog/action-shfmt	2025-03-18
github-actions	reviewdog/action-yamllint	2025-03-18
pep621	aiocache	2024-09-25
pep621	alembic-utils	2025-04-10
pep621	annotated-types	2024-05-20
pep621	docstr-coverage	2024-05-07
pep621	jinja2	2025-03-05
pep621	loguru	2024-12-06
pep621	pytest-loguru	2024-03-20
pep621	pytest-parallel	2021-10-10
pep621	pytest-socket	2024-01-28
pep621	reactionmenu	2024-07-06
pep621	semver	2025-01-24
pep621	tomli-w	2025-01-15
pep621	types-click	2021-11-23
pep621	types-influxdb-client	2024-12-21
pep621	types-jinja2	2021-11-26
pep621	types-pillow	2024-08-22
pep621	watchdog	2024-11-01

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): update python runtime [skip pre-commit.ci]
• chore(deps): update dependency rich to v15 [skip pre-commit.ci]
• chore(deps): lock file maintenance [skip pre-commit.ci]
• chore(deps): update types [skip pre-commit.ci] (types-aiofiles, types-mock, types-psutil, types-pytz, types-pyyaml)
• 🔐 Create all awaiting schedule PRs at once 🔐

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• fix(deps): update dependency pillow to v12 [security]
• chore(deps): update postgres docker tag to v18 [skip pre-commit.ci]

Pending Branch Automerge

The following updates await pending status checks before automerging. To abort the branch automerge and create a PR instead, click on a checkbox below.

• chore(deps): update actions [skip pre-commit.ci] (actions/upload-artifact, docker/build-push-action, docker/scout-action, github/codeql-action, lewagon/wait-on-check-action, reviewdog/action-actionlint)

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package actions/dependency-review-action).

Files affected: .github/workflows/security.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency pytest to v9.0.3 [security]
• chore(deps): update patch [skip pre-commit.ci] (githubkit, sqlalchemy, sqlmodel)
• chore(deps): update minor [skip pre-commit.ci] (pytest-cov, sentry-sdk)
• chore(deps): lock file maintenance [skip pre-commit.ci]
• chore(deps): update dev [skip pre-commit.ci] (basedpyright, ruff)
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

3/3 CVEs have Renovate fixes.

Detected Dependencies

devcontainer (1)

.devcontainer/devcontainer.json (3)

• mcr.microsoft.com/devcontainers/python 2-3.13-bullseye
• ghcr.io/devcontainers/features/docker-in-docker 2
• ghcr.io/devcontainers/features/git 1

docker-compose (1)

compose.yaml (4)

• postgres 17-alpine@sha256:6f30057d31f5861b66f3545d4821f987aacf1dd920765f0acadea0c58ff975b1 → [Updates: 18-alpine]
• valkey/valkey 9.1-alpine@sha256:355ae2c6c965769a0d9b9810711e6befd5b79fe676d1faa848247733ad6a4408
• busybox latest@sha256:1487d0af5f52b4ba31c7e465126ee2123fe3f2305d638e7827681e7cf6c83d5e
• adminer latest@sha256:3a1582df310cf49a3c9cad2882496eed4596563f8d33250703f8b26e538cef7d

dockerfile (1)

Containerfile (1)

• python 3.13.11-slim → [Updates: 3.14.3-slim, 3.13.11-slim]

github-actions (11)

.github/actions/setup-python/action.yml (2)

• actions/setup-python v6@a309ff8b426b58ec0e2a45f0f869d46889d02405
• astral-sh/setup-uv v7@37802adc94f370d6bfd71619e3f0bf239e1f3b78

.github/workflows/ci.yml (21)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-markdownlint v0.26.2@3667398db9118d7e78f7a63d10e26ce454ba5f58
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-shellcheck v1.32@4c07458293ac342d477251099501a718ae5ef86e
• reviewdog/action-shfmt v1.0.4@d8f080930b9be5847b4f97e9f4122b81a82aaeac
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-actionlint v1.71.0@0d952c597ef8459f634d7145b0b044a9699e5e43 → [Updates: v1.72.0]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-hadolint v1.50.5@921946a7ebaaf08ac72607bad67209f4e52b5407
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-yamllint v1.21.0@f01d8a48fd8d89f89895499fca2cff09f9e9e8c0
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• reviewdog/action-gitleaks v1.8@2b7b5685e3e3eecddab5d30cfa04f18123031421

.github/workflows/cleanup.yml (1)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/dependency-submission.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rmuir/uv-dependency-submission v1.0.1@a3a7623508859966d229ca99a16b91b262e6f8c4

.github/workflows/docker-push.yml (5)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294 → [Updates: v7]

.github/workflows/docker.yml (20)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294 → [Updates: v7]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121
• docker/scout-action v1@f8c776824083494ab0d56b8105ba2ca85c86e4de → [Updates: v1]
• docker/scout-action v1@f8c776824083494ab0d56b8105ba2ca85c86e4de → [Updates: v1]
• docker/scout-action v1@f8c776824083494ab0d56b8105ba2ca85c86e4de → [Updates: v1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294 → [Updates: v7]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121
• docker/scout-action v1@f8c776824083494ab0d56b8105ba2ca85c86e4de → [Updates: v1]
• docker/build-push-action v7@d08e5c354a6adb9ed34480a06d141179aa583294 → [Updates: v7]

.github/workflows/docs.yml (11)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• mkcode/wrangler-version-deploy-action-with-metadata v1@35ee741c298be6c3bb124fbeef5feb85dabe3fcc
• juliangruber/find-pull-request-action v1@33d46d4ff90884bb23aaead16044125daaf733d8
• peter-evans/find-comment v4@b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad
• peter-evans/create-or-update-comment v5@e8674b075228eee787fea43ef493e45ece1004c9

.github/workflows/maintenance.yml (5)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• alstr/todo-to-issue-action v5.1.14@64aca8fda7023259aada83ba44ad988c4c443657
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/delete-package-versions v5@e5bc658cc4c965c472efe991f8beea3981499c55
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/release.yml (7)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• lewagon/wait-on-check-action v1.6.0@a08fbe2b86f9336198f33be6ad9c16b96f92799c → [Updates: v1.6.1]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• release-flow/keep-a-changelog-action v3@74931dec7ecdbfc8e38ac9ae7e8dd84c08db2f32
• release-flow/keep-a-changelog-action v3@74931dec7ecdbfc8e38ac9ae7e8dd84c08db2f32
• softprops/action-gh-release v3@b4309332981a82ec1c5618f44dd2e27cc8bfbfda
• getsentry/action-release v3@5657c9e888b4e2cc85f4d29143ea4131fde4a73a

.github/workflows/security.yml (10)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]
• github/codeql-action v4@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• rmuir/uv-dependency-submission v1.0.1@a3a7623508859966d229ca99a16b91b262e6f8c4
• actions/dependency-review-action v4@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f → [Updates: v7]

.github/workflows/tests.yml (6)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• tj-actions/changed-files v47@24d32ffd492484c1d75e0c0b894501ddb9d30d62
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• codecov/codecov-action v6@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2
• codecov/test-results-action v1@0fa95f0e1eeaafde2c782583b36b28ad0d8c77d3

nix (1)

flake.nix (2)

• flake-parts lock file @ 3107b77cd68437b9a76194f0f7f9c55f2329ca5b
• nixpkgs nixos-unstable

pep621 (1)

pyproject.toml (72)

• python >=3.13.2,<3.14 → [Updates: >=3.14.4,<3.15]
• aiocache >=0.12.3
• aiofiles >=24.1.0
• cairosvg >=2.7.1
• discord-py >=2.6.0
• influxdb-client >=1.48.0
• githubkit >=0.12.0 → [Updates: >=0.12.0]
• httpx >=0.28.0
• jishaku >=2.5.2
• loguru >=0.7.2
• pillow >=10.2.0,<12.0.0 → [Updates: >=12.2.0,<12.3.0]
• psutil >=7.1.0
• pynacl >=1.5.0
• python-dotenv >=1.0.1
• pytz >=2025.2
• reactionmenu >=3.1.7
• rsa >=4.9
• sentry-sdk >=2.7.0 → [Updates: >=2.7.0]
• audioop-lts >=0.2.2
• rich >=14.0.0 → [Updates: >=14.0.0]
• watchdog >=6.0.0
• arrow >=1.3.0
• levenshtein >=0.27.1
• jinja2 >=3.1.6
• sqlmodel >=0.0.24 → [Updates: >=0.0.24]
• sqlalchemy >=2.0.14 → [Updates: >=2.0.14]
• alembic >=1.16.5
• alembic-postgresql-enum >=1.8.0
• alembic-utils >=0.8.8
• psycopg >=3.2.9
• pydantic >=2.11.7 → [Updates: >=2.11.7]
• h2 >=4.1.0
• pydantic-settings >=2.10.1
• typer >=0.17.3
• semver >=3.0.4
• tomli-w >=1.0.0
• tomlkit >=0.13.3
• pyyaml >=6.0.3
• valkey >=6.1.1
• pre-commit >=4.3.0
• basedpyright ==1.38.3 → [Updates: ==1.39.0]
• ruff >=0.12.4 → [Updates: >=0.12.4]
• yamllint >=1.37.1
• yamlfix >=1.18.0
• pydoclint >=0.7.3
• docstr-coverage >=2.3.2
• pytest >=8.4.2 → [Updates: >=8.4.2]
• pytest-asyncio >=1.2.0
• pytest-mock >=3.15.1
• pytest-cov >=7.0.0 → [Updates: >=7.0.0]
• pytest-randomly >=4.0.1
• pytest-timeout >=2.4.0
• pytest-html >=4.1.1
• pytest-alembic >=0.12.1
• pytest-loguru >=0.4.0
• pytest-parallel >=0.1.1
• pytest-httpx >=0.35.0 → [Updates: >=0.35.0]
• py-pglite >=0.5.3
• pytest-xdist >=3.8.0
• pytest-pretty >=1.3.0
• pytest-socket >=0.7.0
• types-pytz >=2025.2.0.20250326 → [Updates: >=2025.2.0.20250326]
• types-click >=7.1.8
• types-psutil >=7.0.0.20250401 → [Updates: >=7.0.0.20250401]
• types-pillow >=10.2.0.20240822
• types-aiofiles >=24.1.0.20250326 → [Updates: >=24.1.0.20250326]
• types-influxdb-client >=1.45.0.20241221
• types-jinja2 >=2.11.9
• annotated-types >=0.7.0
• asyncpg-stubs >=0.30.2
• types-mock >=5.2.0.20250924 → [Updates: >=5.2.0.20250924]
• types-pyyaml >=6.0.12.20250915 → [Updates: >=6.0.12.20250915]

regex (6)

.github/workflows/ci.yml (1)

• python 3.13.11 → [Updates: 3.14.4]

.github/workflows/docker.yml (1)

• python 3.13.11 → [Updates: 3.14.4]

.github/workflows/docs.yml (1)

• python 3.13.11 → [Updates: 3.14.4]

.github/workflows/security.yml (1)

• python 3.13.11 → [Updates: 3.14.4]

.github/workflows/tests.yml (1)

• python 3.13.11 → [Updates: 3.14.4]

.python-version (1)

• python 3.13.11 → [Updates: 3.14.4]

---

• Check this box to trigger a request for Renovate to run again on this repository