Dependency Dashboard

[renovate-sh-app]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed

See Config Migration PR: #1317.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Updating multiple npm lock files is deprecated and support will be removed in future versions.
• ⚠️ WARN: Package lookup failures

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (4)

Datasource	Package	Last Updated
github-actions	ouzi-dev/commit-status-updater	2024-05-28
gomod	github.com/sourcegraph/go-diff	2023-01-22
gomod	gopkg.in/yaml.v3	2022-05-27

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): pin grafana/writers-toolkit action to b79bf34
• chore(deps): update golang:alpine docker digest to f853308
• chore(deps): update dependency @types/node to v24.12.2
• chore(deps): update dependency go to v1.26.2
• chore(deps): update dependency prettier to v3.8.3
• chore(deps): update actions/create-github-app-token action to v3.1.1
• chore(deps): update actions/setup-go action to v6.4.0
• chore(deps): update docker/build-push-action action to v7.1.0
• chore(deps): update docker/login-action action to v4.1.0
• chore(deps): update github/codeql-action action to v4.35.2
• chore(deps): update jdkato/vale docker tag to v3.14.1
• chore(deps): update actions/github-script action to v9
• 🔐 Create all rate-limited PRs at once 🔐

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package grafana/shared-workflows).

Files affected: .github/workflows/add-to-docs-project.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• fix(deps): update module github.com/gohugoio/hugo to v0.159.2 [security]
• chore(deps): update nginx docker tag to v1.29.7
• chore(deps): update dependency typescript to v6
• chore(deps): update peter-evans/create-or-update-comment action to v5
• chore(deps): update peter-evans/find-comment action to v4
• chore(deps): update step-security/changed-files action to v47
• fix(deps): update dependency @actions/core to v3
• fix(deps): update module github.com/google/go-github/v72 to v84
• fix(deps): update octokit monorepo (major) (@octokit/graphql, @octokit/rest)
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

1/1 CVEs have Renovate fixes.

gomod

tools/go.mod

github.com/gohugoio/hugo

• GHSA-mcv8-8m8x-48pg (fixed in >= 0.159.2)

Detected Dependencies

dockerfile (2)

deploy-preview/Dockerfile (1)

• nginx 1.29.6-alpine@sha256:f46cb72c7df02710e693e863a983ac42f6a9579058a59a35f1ae36c9958e4ce0 → [Updates: 1.29.7-alpine]

vale/Dockerfile (2)

• golang alpine@sha256:2389ebfa5b7f43eeafbd6be0c3700cc46690ef842ad962f6c5bd6be49ed82039 → [Updates: alpine]
• jdkato/vale v3.8.0@sha256:a744bc4f8164bceab6bda0fad6253dcd9cdab2365b437aa5e08fe4f07d6e3357 → [Updates: v3.14.1]

github-actions (18)

.github/workflows/add-to-docs-project.yml (7)

• grafana/shared-workflows get-vault-secrets/v1.3.1@f1614b210386ac420af6807a997ac7f6d96e477a
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]
• grafana/shared-workflows v1.0.0@7b628e7352c2dea057c565cc4fcd5564d5f396c0
• grafana/shared-workflows v1.0.0@7b628e7352c2dea057c565cc4fcd5564d5f396c0

.github/workflows/deploy-pr-preview.yml (1)

• grafana/writers-toolkit main → [Updates: main]

.github/workflows/deploy-preview.yml (19)

• peter-evans/find-comment v3.1.0@3eae4d37986fb5a8592848f6a574fdf654e61f9e → [Updates: v4.0.0]
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• google-github-actions/auth v3.0.0@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093
• docker/login-action v4.0.0@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4.1.0]
• docker/metadata-action v6.0.0@030e881283bb7a6894de51c315a6bfe6a94e05cf
• docker/setup-buildx-action v4.0.0@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• docker/build-push-action v7.0.0@d08e5c354a6adb9ed34480a06d141179aa583294 → [Updates: v7.1.0]
• google-github-actions/auth v3.0.0@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093
• google-github-actions/deploy-cloudrun v3.0.1@2028e2d7d30a78c6910e0632e48dd561b064884d
• google-github-actions/setup-gcloud v3.0.1@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db
• ouzi-dev/commit-status-updater v2.0.2@26588d166ff273fc4c0664517359948f7cdc9bf1
• ouzi-dev/commit-status-updater v2.0.2@26588d166ff273fc4c0664517359948f7cdc9bf1
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]
• peter-evans/create-or-update-comment v4.0.0@71345be0265236311c031f5c7866368bd1eff043 → [Updates: v5.0.0]

.github/workflows/dictionaries.yml (6)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/shared-workflows get-vault-secrets/v1.3.1@f1614b210386ac420af6807a997ac7f6d96e477a
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f
• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]

.github/workflows/docs-ci.yml (10)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/writers-toolkit build-website/v1@7e0981fdbf5a4446e309ecb655596a71113d60ae
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/writers-toolkit vale-action/v1.4.5@f49dd90f007967990095ac2d18c5bdf37b412a5f
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/writers-toolkit readability/v1@db70a56778bfaa00bbf2a6c37bbab2b79fb5c598
• node 20

.github/workflows/image.yml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/shared-workflows build-push-to-dockerhub/v0.4.2@05f46dbfcfffa2b38c50cd11b1f86ec823ebc73e

.github/workflows/prettier.yml (1)

• grafana/writers-toolkit main → [Updates: main]

.github/workflows/publish-technical-documentation.yml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/review.yml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.3.0@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6.4.0]
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]
• go 1.21

.github/workflows/test-publish-technical-documentation-release.yml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/validate-documentation.yml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/changed-files v46.0.5@95b56dadb92a30ca9036f16423fd3c088a71ee94 → [Updates: v47.0.5]

.github/workflows/validate-policy-bot-config.yml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

build-website/action.yml (2)

• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]

prettier/action.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/shared-workflows get-vault-secrets/v1.3.1@f1614b210386ac420af6807a997ac7f6d96e477a
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]

publish-technical-documentation-release/action.yaml (5)

• grafana/writers-toolkit build-website/v1@7e0981fdbf5a4446e309ecb655596a71113d60ae
• grafana/shared-workflows get-vault-secrets/v1.3.1@f1614b210386ac420af6807a997ac7f6d96e477a
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

publish-technical-documentation/action.yml (4)

• grafana/writers-toolkit build-website/v1@7e0981fdbf5a4446e309ecb655596a71113d60ae
• grafana/shared-workflows get-vault-secrets/v1.3.1@f1614b210386ac420af6807a997ac7f6d96e477a
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

readability/action.yml (1)

• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]

vale-action/action.yml (3)

• step-security/changed-files v46.0.5@95b56dadb92a30ca9036f16423fd3c088a71ee94 → [Updates: v47.0.5]
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd → [Updates: v9.0.0]
• github/codeql-action v4.34.1@38697555549f1db7851b81482ff19f1fa5c4fedc → [Updates: v4.35.2]

gomod (3)

tools/go.mod (5)

• go 1.25.0
• go 1.26.1 → [Updates: 1.26.2]
• github.com/BurntSushi/toml v1.6.0
• github.com/gohugoio/hugo v0.158.0 → [Updates: v0.159.2]
• gopkg.in/yaml.v3 v3.0.1

vale/Grafana/styles/config/scripts/go.mod (1)

• go 1.22.0

vale/tools/go.mod (4)

• go 1.23.3
• github.com/google/go-github/v72 v72.0.0 → [Updates: v84.0.0]
• github.com/sourcegraph/go-diff v0.7.0
• github.com/stretchr/testify v1.11.1

npm (2)

add-to-docs-project/package.json (8)

• @actions/core 1.11.1 → [Updates: 3.0.0]
• @octokit/graphql 8.2.2 → [Updates: 9.0.3]
• @octokit/rest 21.1.1 → [Updates: 22.0.1]
• @types/node 24.12.0 → [Updates: 24.12.2]
• ts-node 10.9.2
• typescript 5.9.3 → [Updates: 6.0.2]
• node >=22
• npm >=10

package.json (1)

• prettier 3.8.1 → [Updates: 3.8.3]

renovate-config-presets (1)

.github/renovate.json5

---

Need help?

You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section.