Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/WissCore/moldchat).

## Repository Problems

These problems occurred while renovating this repository. [View logs](https://developer.mend.io//github/WissCore/moldchat).

 - ⚠️ WARN: Package lookup failures

## Abandoned Dependencies

The following dependencies have not received updates for an extended period and may be unmaintained.

<details>
<summary>View abandoned dependencies (3)</summary>

> [!NOTE]
Packages are marked as abandoned when they exceed the [`abandonmentThreshold`](https://docs.renovatebot.com/configuration-options/#abandonmentthreshold) since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.
> 
| Datasource | Package | Last Updated |
|------------|------|-------------|
| github-actions | [slsa-framework/slsa-github-generator](https://redirect.github.com/slsa-framework/slsa-github-generator) | `2025-02-24` |
| gomod | [github.com/mutecomm/go-sqlcipher/v4](https://redirect.github.com/mutecomm/go-sqlcipher) | `2020-12-07` |
| gomod | [go.uber.org/goleak](https://redirect.github.com/uber-go/goleak) | `2023-10-24` |

</details>



---

> [!WARNING]
> Renovate failed to look up the following dependencies: `Could not determine new digest for update (docker package gcr.io/distroless/cc-debian12)`.
> 
> Files affected: `server/Dockerfile`

---


## Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

 - [ ] [chore(deps): update github/codeql-action digest to e46ed2c](../pull/43)
 - [ ] [chore(deps): update step-security/harden-runner digest to a5ad31d](../pull/44)
 - [ ] **Click on this checkbox to rebase all open PRs at once**

## Detected Dependencies

<details><summary>docker-compose (1)</summary>
<blockquote>

<details><summary>deploy/compose.yaml</summary>


</details>

</blockquote>
</details>

<details><summary>dockerfile (1)</summary>
<blockquote>

<details><summary>server/Dockerfile (2)</summary>

 - `docker/dockerfile 1.23@sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769`
 - `gcr.io/distroless/cc-debian12 nonroot@sha256:e2d29aec8061843706b7e484c444f78fafb05bfe47745505252b1769a05d14f1`

</details>

</blockquote>
</details>

<details><summary>github-actions (15)</summary>
<blockquote>

<details><summary>.github/workflows/backup-roundtrip.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`

</details>

<details><summary>.github/workflows/build-test.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`

</details>

<details><summary>.github/workflows/ci.yml (2)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`

</details>

<details><summary>.github/workflows/codeql.yml (4)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `github/codeql-action v4@95e58e9a2cdfd71adc6e0353d5c52f41a045d225` → [Updates: `v4`]
 - `github/codeql-action v4@95e58e9a2cdfd71adc6e0353d5c52f41a045d225` → [Updates: `v4`]

</details>

<details><summary>.github/workflows/dco.yml (2)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`

</details>

<details><summary>.github/workflows/dependency-review.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/dependency-review-action v4.9.0@2031cfc080254a8a887f58cffee85186f0e49e48`

</details>

<details><summary>.github/workflows/docker.yml (7)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `docker/setup-buildx-action v4.0.0@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd`
 - `docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121`
 - `docker/metadata-action v6.0.0@030e881283bb7a6894de51c315a6bfe6a94e05cf`
 - `docker/build-push-action v7.1.0@bcafcacb16a39f128d818304e6c9c0c18556b85f`
 - `sigstore/cosign-installer v4.1.1@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003`

</details>

<details><summary>.github/workflows/gitleaks.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `jdx/mise-action v4@1648a7812b9aeae629881980618f079932869151`

</details>

<details><summary>.github/workflows/osv-scanner.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `jdx/mise-action v4@1648a7812b9aeae629881980618f079932869151`

</details>

<details><summary>.github/workflows/release.yml (2)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `googleapis/release-please-action v5@45996ed1f6d02564a971a2fa1b5860e934307cf7`

</details>

<details><summary>.github/workflows/scorecard.yml (4)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a`
 - `github/codeql-action v4@95e58e9a2cdfd71adc6e0353d5c52f41a045d225` → [Updates: `v4`]

</details>

<details><summary>.github/workflows/semantic-pr.yml (2)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `amannn/action-semantic-pull-request v6@48f256284bd46cdaab1048c3721360e808335d50`

</details>

<details><summary>.github/workflows/sigstore-sign.yml (8)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `anchore/sbom-action v0.24.0@e22c389904149dbc22b58101806040fa8d37a610`
 - `sigstore/cosign-installer v4.1.1@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003`
 - `actions/attest-build-provenance v4@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32`
 - `actions/attest-sbom v4@c604332985a26aa8cf1bdc465b92731239ec6b9e`
 - `slsa-framework/slsa-github-generator v2.1.0`

</details>

<details><summary>.github/workflows/smoke.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6@4a3601121dd01d1626a1e23e37211e3254c1c06c`

</details>

<details><summary>.github/workflows/zizmor.yml (3)</summary>

 - `step-security/harden-runner v2@8d3c67de8e2fe68ef647c8db1e6a09f647780f40` → [Updates: `v2`]
 - `actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `zizmorcore/zizmor-action v0.5.3@b1d7e1fb5de872772f31590499237e7cce841e8e`

</details>

</blockquote>
</details>

<details><summary>gomod (1)</summary>
<blockquote>

<details><summary>server/go.mod (5)</summary>

 - `go 1.26.2`
 - `github.com/cloudflare/circl v1.6.3`
 - `github.com/mutecomm/go-sqlcipher/v4 v4.4.2`
 - `go.uber.org/goleak v1.3.0`
 - `golang.org/x/crypto v0.50.0`

</details>

</blockquote>
</details>

<details><summary>mise (1)</summary>
<blockquote>

<details><summary>.mise.toml (3)</summary>

 - `go 1.26.2`
 - `kotlin 2.3.21`
 - `node 24.15.0`

</details>

</blockquote>
</details>

---

- [ ] Check this box to trigger a request for Renovate to run again on this repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependency Dashboard #5

Repository Problems

Abandoned Dependencies

Open

Detected Dependencies

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Datasource	Package	Last Updated
github-actions	slsa-framework/slsa-github-generator	`2025-02-24`
gomod	github.com/mutecomm/go-sqlcipher/v4	`2020-12-07`
gomod	go.uber.org/goleak	`2023-10-24`

Dependency Dashboard #5

Description

Repository Problems

Abandoned Dependencies

Open

Detected Dependencies

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions