Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update module github.com/fluxcd/helm-controller/api to v1.6.0
• chore(deps): update module github.com/fluxcd/kustomize-controller/api to v1.9.0

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps-dev): update actions/checkout digest to df4cb1c
• chore(deps): update alpine:3.24 docker digest to 28bd5fe
• chore(deps-dev): update dependency go to 1.26.x
• chore(deps): update kubernetes monorepo to v0.36.2 (k8s.io/api, k8s.io/apimachinery, k8s.io/cli-runtime, k8s.io/client-go, k8s.io/kubectl)
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• alpine 3.24@sha256:a2d49ea686c2adfe3c992e47dc3b5e7fa6e6b5055609400dc2acaeb241c829f4 → [Updates: 3.24]

github-actions (11)

.github/workflows/main.yaml (4)

• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• shogo82148/actions-goveralls v1.11.0@9606dbc5ac5cf888a0e9ef901515c3cd516a2790
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/pr-actions.yaml (3)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• zgosalvez/github-actions-ensure-sha-pinned-actions v5.0.4@ca46236c6ce584ae24bc6283ba8dcf4b3ec8a066

.github/workflows/pr-build.yaml (4)

• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• shogo82148/actions-goveralls v1.11.0@9606dbc5ac5cf888a0e9ef901515c3cd516a2790
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/pr-goreleaser.yaml (3)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• goreleaser/goreleaser-action v7.2.2@5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89

.github/workflows/pr-label.yaml (1)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411

.github/workflows/pr-stale.yaml (2)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/stale v10.3.0@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899

.github/workflows/pr-trivy.yaml (3)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4.36.2@8aad20d150bbac5944a9f9d289da16a4b0d87c1e

.github/workflows/rebase.yaml (3)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• cirrus-actions/rebase 1.8@b87d48154a87a85666003575337e27b8cd65f691

.github/workflows/release.yaml (7)

• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• docker/login-action v4.2.0@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
• sigstore/cosign-installer v4.1.2@6f9f17788090df1f26f669e9d70d6ae9567deba6
• anchore/sbom-action v0.24.0@e22c389904149dbc22b58101806040fa8d37a610
• goreleaser/goreleaser-action v7.2.2@5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89
• go 1.25.x → [Updates: 1.26.x]

.github/workflows/scan.yaml (5)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818
• github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818

.github/workflows/scorecard.yaml (5)

• step-security/harden-runner v2.19.4@9af89fc71515a100421586dfdb3dc9c984fbf411
• actions/checkout v6.0.3@df4cb1c069e1874edd31b4311f1884172cec0e10
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• github/codeql-action v4.36.2@8aad20d150bbac5944a9f9d289da16a4b0d87c1e

gomod (1)

go.mod (13)

• go 1.25.0
• github.com/fluxcd/helm-controller/api v1.5.5 → [Updates: v1.6.0]
• github.com/fluxcd/kustomize-controller/api v1.8.5 → [Updates: v1.9.0]
• github.com/spf13/cobra v1.10.2
• github.com/stretchr/testify v1.11.1
• gotest.tools/v3 v3.5.2
• k8s.io/api v0.35.4 → [Updates: v0.36.2]
• k8s.io/apimachinery v0.35.4 → [Updates: v0.36.2]
• k8s.io/cli-runtime v0.35.4 → [Updates: v0.36.2]
• k8s.io/client-go v0.35.4 → [Updates: v0.36.2]
• k8s.io/klog/v2 v2.140.0
• k8s.io/kubectl v0.35.4 → [Updates: v0.36.2]
• sigs.k8s.io/cli-utils v0.37.2

homebrew (1)

Formula/gitops-zombies.rb (1)

• raffis/gitops-zombies v0.1.1

renovate-config (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository