Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Deprecations / Replacements

Warning

These dependencies are either deprecated or have replacements available:

Datasource	Package	Replacement PR?
gradle	com.github.tomakehurst:wiremock

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update dependency com.launchdarkly:launchdarkly-java-server-sdk to v7.13.2
• Update versions.tomcat to v9.0.116 (org.apache.tomcat.embed:tomcat-embed-el, org.apache.tomcat.embed:tomcat-embed-websocket, org.apache.tomcat.embed:tomcat-embed-core)
• Update dependency org.pitest:pitest to v1.23.0
• Update dependency org.yaml:snakeyaml to v2.6
• Update junit-framework monorepo to v5.14.3 (org.junit.jupiter:junit-jupiter-api, org.junit.jupiter:junit-jupiter-engine)
• Update plugin au.com.dius.pact to v4.6.20
• Update plugin com.github.ben-manes.versions to v0.53.0
• Update plugin info.solidsoft.pitest to v1.19.0
• Update plugin io.spring.dependency-management to v1.1.7
• Update plugin org.sonarqube to v5.1.0.4882
• Update spring security (org.springframework.security:spring-security-crypto, org.springframework.security:spring-security-rsa)
• Update versions.serenity to v2.6.0 (net.serenity-bdd:serenity-spring, net.serenity-bdd:serenity-rest-assured, net.serenity-bdd:serenity-junit, net.serenity-bdd:serenity-core)
• Update actions/checkout action to v6
• Update actions/setup-java action to v5
• Update dependency checkstyle to v13
• Update dependency com.github.hmcts:service-auth-provider-java-client to v5
• Update dependency com.github.hmcts.java-logging:logging to v8
• Update dependency com.github.tomakehurst:wiremock to v3
• Update dependency com.google.guava:guava to v33
• Update dependency com.nimbusds:nimbus-jose-jwt to v10
• Update dependency com.puppycrawl.tools:checkstyle to v13
• Update dependency io.github.openfeign:feign-httpclient to v13
• Update dependency net.logstash.logback:logstash-logback-encoder to v9
• Update dependency net.serenity-bdd:serenity-cucumber to v5
• Update dependency org.apache.pdfbox:pdfbox to v3
• Update dependency org.json:json to v20230618
• Update dependency org.springframework:spring-context-support to v7
• Update dependency org.springframework.hateoas:spring-hateoas to v3
• Update dependency org.springframework.security:spring-security-crypto to v7
• Update Gradle to v9
• Update hmctsprod.azurecr.io/base/java Docker tag to v21
• Update junit-framework monorepo to v6 (major) (org.junit.jupiter:junit-jupiter-api, org.junit.jupiter:junit-jupiter-engine)
• Update plugin org.owasp.dependencycheck to v12
• Update plugin org.sonarqube to v7
• Update spring boot to v4 (major) (org.springframework.boot:spring-boot-starter-test, org.springframework.boot:spring-boot-starter-web, org.springframework.boot, org.springframework.boot:spring-boot-gradle-plugin)
• Update spring cloud to v5 (major) (org.springframework.cloud:spring-cloud-contract-wiremock, org.springframework.cloud:spring-cloud-starter-openfeign)
• Update versions.restAssured to v6 (major) (io.rest-assured:xml-path, io.rest-assured:json-path, io.rest-assured:rest-assured)
• Update versions.serenity to v5 (major) (net.serenity-bdd:serenity-spring, net.serenity-bdd:serenity-rest-assured, net.serenity-bdd:serenity-junit, net.serenity-bdd:serenity-core)
• Update versions.tomcat to v11 (major) (org.apache.tomcat.embed:tomcat-embed-el, org.apache.tomcat.embed:tomcat-embed-websocket, org.apache.tomcat.embed:tomcat-embed-core)
• 🔐 Create all rate-limited PRs at once 🔐

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• Update versions.pact_version (au.com.dius.pact.consumer:java8, au.com.dius.pact.consumer:junit5)
• Update dependency commons-io:commons-io to v2.21.0

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency hashicorp/terraform to v1.14.8
• Update log4j2 monorepo to v2.25.4 (org.apache.logging.log4j:log4j-api, org.apache.logging.log4j:log4j-to-slf4j)
• Update dependency com.github.hmcts:ccd-case-document-am-client to v1.59.2
• Update jackson monorepo to v2.21.2 (com.fasterxml.jackson.core:jackson-databind, com.fasterxml.jackson.core:jackson-core)
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

docker-compose (1)

docker-compose.yml

dockerfile (1)

Dockerfile (1)

• hmctsprod.azurecr.io/base/java 17-distroless → [Updates: 21-distroless]

github-actions (1)

.github/workflows/ci.yml (2)

• actions/checkout v1 → [Updates: v6]
• actions/setup-java v1 → [Updates: v5]

gradle (2)

build.gradle (74)

• org.springframework.boot:spring-boot-gradle-plugin 2.7.18 → [Updates: 4.0.5]
• net.serenity-bdd:serenity-gradle-plugin 2.4.34
• com.github.ben-manes.versions 0.51.0 → [Updates: 0.53.0]
• io.spring.dependency-management 1.0.11.RELEASE → [Updates: 1.1.7]
• org.owasp.dependencycheck 11.1.1 → [Updates: 12.2.0]
• org.sonarqube 5.0.0.4638 → [Updates: 5.1.0.4882, 7.2.3.7755]
• org.springframework.boot 2.7.18 → [Updates: 4.0.5]
• info.solidsoft.pitest 1.7.4 → [Updates: 1.19.0]
• au.com.dius.pact 4.1.7 → [Updates: 4.6.20]
• checkstyle 9.3 → [Updates: 13.4.0]
• jacoco 0.8.14
• com.mashape.unirest:unirest-java 1.4.9
• com.nimbusds:nimbus-jose-jwt 5.14 → [Updates: 10.8]
• net.serenity-bdd:serenity-core 2.2.13 → [Updates: 2.6.0, 5.3.10]
• net.serenity-bdd:serenity-cucumber 1.9.51 → [Updates: 5.3.10]
• net.serenity-bdd:serenity-junit 2.2.13 → [Updates: 2.6.0, 5.3.10]
• net.serenity-bdd:serenity-rest-assured 2.2.13 → [Updates: 2.6.0, 5.3.10]
• net.serenity-bdd:serenity-spring 2.2.13 → [Updates: 2.6.0, 5.3.10]
• org.apache.commons:commons-lang3 3.20.0
• org.apache.pdfbox:pdfbox 2.0.36 → [Updates: 3.0.7]
• org.projectlombok:lombok 1.18.44
• org.skyscreamer:jsonassert 1.5.3
• com.github.hmcts:service-auth-provider-java-client 3.1.4 → [Updates: 5.3.3]
• com.github.hmcts:ccd-case-document-am-client 1.7.2 → [Updates: 1.59.2]
• org.springframework.cloud:spring-cloud-contract-wiremock 3.1.10 → [Updates: 5.0.2]
• commons-beanutils:commons-beanutils 1.11.0
• org.springframework.security:spring-security-rsa 1.0.12.RELEASE → [Updates: 1.1.5]
• org.springframework.security:spring-security-crypto 5.7.11 → [Updates: 5.8.16, 7.0.4]
• org.bouncycastle:bcprov-jdk18on 1.83
• org.apache.logging.log4j:log4j-to-slf4j 2.25.3 → [Updates: 2.25.4]
• org.apache.logging.log4j:log4j-api 2.25.3 → [Updates: 2.25.4]
• org.springframework.boot:spring-boot-starter-web 2.7.18 → [Updates: 4.0.5]
• com.puppycrawl.tools:checkstyle 8.45.1 → [Updates: 13.4.0]
• commons-io:commons-io 2.20.0 → [Updates: 2.21.0]
• org.springdoc:springdoc-openapi-ui 1.8.0
• commons-fileupload:commons-fileupload 1.6.0
• org.springframework.cloud:spring-cloud-starter-netflix-ribbon 2.2.10.RELEASE
• org.springframework.cloud:spring-cloud-starter-openfeign 3.1.9 → [Updates: 5.0.1]
• io.github.openfeign:feign-httpclient 10.12 → [Updates: 13.11]
• org.springframework.hateoas:spring-hateoas 1.5.6 → [Updates: 3.0.3]
• com.github.hmcts.java-logging:logging 6.1.9 → [Updates: 8.0.0]
• com.github.hmcts.java-logging:logging-appinsights 6.1.9
• org.springframework:spring-context-support 5.3.39 → [Updates: 7.0.6]
• junit:junit 4.13.2
• org.pitest:pitest 1.20.3 → [Updates: 1.23.0]
• info.solidsoft.gradle.pitest:gradle-pitest-plugin 1.15.0
• org.codehaus.sonar-plugins:sonar-pitest-plugin 0.5
• org.apache.httpcomponents:httpclient 4.5.14
• com.launchdarkly:launchdarkly-java-server-sdk 7.13.1 → [Updates: 7.13.2]
• net.logstash.logback:logstash-logback-encoder 7.4 → [Updates: 9.0]
• com.github.tomakehurst:wiremock 2.27.2 → [Updates: 3.0.1]
• io.rest-assured:rest-assured 4.5.1 → [Updates: 6.0.0]
• io.rest-assured:json-path 4.5.1 → [Updates: 6.0.0]
• io.rest-assured:xml-path 4.5.1 → [Updates: 6.0.0]
• org.springframework.boot:spring-boot-starter-test 2.7.18 → [Updates: 4.0.5]
• au.com.dius.pact.consumer:junit5 4.1.11 → [Updates: 4.6.20]
• au.com.dius.pact.consumer:java8 4.1.11 → [Updates: 4.1.43]
• org.junit.jupiter:junit-jupiter-api 5.13.4 → [Updates: 5.14.3, 6.0.3]
• org.junit.jupiter:junit-jupiter-engine 5.13.4 → [Updates: 5.14.3, 6.0.3]
• org.junit.jupiter:junit-jupiter-api 5.13.4 → [Updates: 5.14.3, 6.0.3]
• com.github.hmcts:fortify-client 1.4.10
• org.mockito:mockito-inline 5.2.0
• commons-beanutils:commons-beanutils 1.11.0
• com.fasterxml.jackson.core:jackson-core 2.16.0 → [Updates: 2.21.2]
• com.fasterxml.jackson.core:jackson-databind 2.16.0 → [Updates: 2.21.2]
• com.netflix.servo:servo-core 0.13.2
• org.apache.tomcat.embed:tomcat-embed-core 9.0.115 → [Updates: 9.0.116, 11.0.20]
• org.apache.tomcat.embed:tomcat-embed-websocket 9.0.115 → [Updates: 9.0.116, 11.0.20]
• org.apache.tomcat.embed:tomcat-embed-el 9.0.115 → [Updates: 9.0.116, 11.0.20]
• org.glassfish:jakarta.el 4.0.2
• org.json:json 20230227 → [Updates: 20230618]
• com.google.guava:guava 32.1.3-jre → [Updates: 33.5.0-jre]
• org.yaml:snakeyaml 2.5 → [Updates: 2.6]
• org.springframework.security:spring-security-crypto 5.7.5 → [Updates: 5.8.16, 7.0.4]

settings.gradle

gradle-wrapper (1)

gradle/wrapper/gradle-wrapper.properties (1)

• gradle 7.6.6 → [Updates: 9.4.1]

helmv3 (1)

charts/prl-dgs/Chart.yaml (1)

• java 5.3.0

renovate-config-presets (1)

.github/renovate.json

terraform (1)

infrastructure/main.tf

terraform-version (1)

infrastructure/.terraform-version (1)

• hashicorp/terraform 1.14.7 → [Updates: 1.14.8]

---

• Check this box to trigger a request for Renovate to run again on this repository