Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update github/codeql-action digest to d1a6527
• fix(deps): update k8s.io/utils digest to b8788ab
• chore(deps): update dependency kubernetes-sigs/controller-tools to v0.20.1
• fix(deps): update kubernetes packages to v0.35.2 (k8s.io/api, k8s.io/apiextensions-apiserver, k8s.io/apimachinery, k8s.io/apiserver, k8s.io/client-go)
• fix(deps): update module github.com/onsi/gomega to v1.39.1
• fix(deps): update module sigs.k8s.io/cluster-api to v1.12.3
• fix(deps): update module sigs.k8s.io/controller-runtime to v0.23.3
• chore(deps): update all-ci-updates (actions/setup-go, aquasecurity/trivy-action, argo-cd, cert-manager, fossas/fossa-action, github/codeql-action, kube-prometheus-stack, securego/gosec, zgosalvez/github-actions-ensure-sha-pinned-actions)
• chore(deps): update capsule-proxy docker tag to v0.11.2
• chore(deps): update dependency golangci/golangci-lint to v2.11.2
• chore(deps): update dependency grafana/grafana-operator to v5.22.0
• chore(deps): update dependency norwoodj/helm-docs to v0.15.0
• chore(deps): update dependency prometheus-operator/prometheus-operator to v0.89.0
• fix(deps): update module github.com/onsi/ginkgo/v2 to v2.28.1
• fix(deps): update module sigs.k8s.io/gateway-api to v1.5.0
• chore(deps): update all-ci-updates (major) (actions/upload-artifact, goreleaser/goreleaser-action, kube-prometheus-stack)
• chore(deps): update dependency norwoodj/helm-docs to v1
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• chore(deps): update dependency alegrey91/harpoon to v0.11.0

Detected Dependencies

dockerfile (1)

Dockerfile.tracing

flux (5)

hack/distro/argocd/release.flux.yaml (1)

• argo-cd 9.3.7 → [Updates: 9.4.7]

hack/distro/capsule/release.flux.yaml (1)

• capsule 0.12.4

hack/distro/cert-manager/release.flux.yaml (1)

• cert-manager v1.19.3 → [Updates: v1.19.4]

hack/distro/monitoring/kube-prometheus-stack/release.flux.yaml (1)

• kube-prometheus-stack 81.4.2 → [Updates: 81.6.9, 82.10.1]

hack/distro/monitoring/pyroscope/release.flux.yaml (1)

• pyroscope 1.18.1

github-actions (14)

.github/actions/setup-caches/action.yaml (2)

• actions/cache v5.0.3@cdf6c1fa76f9f475f3d7449005a359c84ca0f306
• actions/cache v5.0.3@cdf6c1fa76f9f475f3d7449005a359c84ca0f306

.github/workflows/check-actions.yml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• zgosalvez/github-actions-ensure-sha-pinned-actions v5.0.0@d5d20e15f2736816ee0e001ba8b24b54d9ffcff4 → [Updates: v5.0.1]

.github/workflows/check-commit.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• wagoid/commitlint-github-action v6.2.1@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed
• ubuntu 24.04

.github/workflows/check-pr.yml (1)

• amannn/action-semantic-pull-request ac7e3fc035c47465748bbcb1a822c1583cf79bbc

.github/workflows/coverage.yml (13)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• fossas/fossa-action v1.7.0@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac → [Updates: v1.8.0]
• fossas/fossa-action v1.7.0@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac → [Updates: v1.8.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• securego/gosec v2.22.11@424fc4cd9c82ea0fd6bee9cd49c2db2c3cc0c93f → [Updates: v2.24.7]
• github/codeql-action 0ec47d036c68ae0cf94c629009b1029407111281 → [Updates: undefined]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• codecov/codecov-action v5.5.2@671740ac38dd9b0130fbe1cec585b89eea48d3de
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/docker-build.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 → [Updates: 0.35.0]
• github/codeql-action 0ec47d036c68ae0cf94c629009b1029407111281 → [Updates: undefined]

.github/workflows/docker-publish.yml (5)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 → [Updates: 0.35.0]
• sigstore/cosign-installer v4.0.0@faadad0cce49287aee09b3a48701e75088a2c6ad
• peak-scale/github-actions v0.2.0@a441cca016861c546ab7e065277e40ce41a3eb84
• slsa-framework/slsa-github-generator v2.1.0

.github/workflows/e2e.yml (6)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• azure/setup-helm v4@1a275c3b69536ee54be43f2070a358922e12c8d4
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• azure/setup-helm v4@1a275c3b69536ee54be43f2070a358922e12c8d4

.github/workflows/helm-publish.yml (8)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• stefanprodan/helm-gh-pages v1.7.0@0ad2bb377311d61ac04ad9eb6f252fb68e207260
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• sigstore/cosign-installer v4.0.0@faadad0cce49287aee09b3a48701e75088a2c6ad
• peak-scale/github-actions v0.2.0@a441cca016861c546ab7e065277e40ce41a3eb84
• slsa-framework/slsa-github-generator v2.1.0
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/helm-test.yml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• azure/setup-helm v4@1a275c3b69536ee54be43f2070a358922e12c8d4
• ubuntu 24.04

.github/workflows/lint.yml (8)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/releaser.yml (6)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6.2.0@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 → [Updates: v6.3.0]
• creekorful/goreportcard-action v1.0@1f35ced8cdac2cba28c9a2f2288a16aacfd507f9
• anchore/sbom-action 17ae1740179002c89186b61233e0f892c3118b11
• sigstore/cosign-installer v4.0.0@faadad0cce49287aee09b3a48701e75088a2c6ad
• goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a → [Updates: v7.0.0]

.github/workflows/scorecard.yml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v6.0.0@b7c566a772e6b6bfb58ed0dc250532a479d7789f → [Updates: v7.0.0]
• github/codeql-action v4.32.1@6bc82e05fd0ea64601dd4b465378bbcf57de0314 → [Updates: v4.32.6]

.github/workflows/stale.yml (1)

• actions/stale b5d41d4e1d5dceea10e7104786b73624c18a190f

gomod (1)

go.mod (21)

• go 1.25.4
• github.com/go-logr/logr v1.4.3
• github.com/onsi/ginkgo/v2 v2.27.5 → [Updates: v2.28.1]
• github.com/onsi/gomega v1.39.0 → [Updates: v1.39.1]
• github.com/pkg/errors v0.9.1
• github.com/prometheus/client_golang v1.23.2
• github.com/spf13/pflag v1.0.10
• github.com/stretchr/testify v1.11.1
• github.com/valyala/fasttemplate v1.2.2
• go.uber.org/automaxprocs v1.6.0
• go.uber.org/zap v1.27.1
• golang.org/x/sync v0.19.0
• k8s.io/api v0.35.0 → [Updates: v0.35.2]
• k8s.io/apiextensions-apiserver v0.35.0 → [Updates: v0.35.2]
• k8s.io/apimachinery v0.35.0 → [Updates: v0.35.2]
• k8s.io/apiserver v0.35.0 → [Updates: v0.35.2]
• k8s.io/client-go v0.35.0 → [Updates: v0.35.2]
• k8s.io/utils v0.0.0-20260108192941-914a6e750570@914a6e750570 → [Updates: v0.0.0-20260210185600-b8788abfbbc2]
• sigs.k8s.io/cluster-api v1.12.2 → [Updates: v1.12.3]
• sigs.k8s.io/controller-runtime v0.23.0 → [Updates: v0.23.3]
• sigs.k8s.io/gateway-api v1.4.1 → [Updates: v1.5.0]

helm-values (1)

charts/capsule/values.yaml

helmv3 (1)

charts/capsule/Chart.yaml (1)

• capsule-proxy 0.10.0 → [Updates: 0.11.2]

regex (2)

.pre-commit-config.yaml (3)

• alessandrojcm/commitlint-pre-commit-hook v9.24.0
• pre-commit/pre-commit-hooks v6.0.0
• adrienverge/yamllint v1.38.0

Makefile (12)

• kubernetes-sigs/gateway-api v1.35.0
• grafana/grafana-operator v5.18.0 → [Updates: v5.22.0]
• prometheus-operator/prometheus-operator v0.88.0 → [Updates: v0.89.0]
• norwoodj/helm-docs 0.13.0-rc.2 → [Updates: v0.15.0, v1.14.2]
• kubernetes-sigs/controller-tools v0.20.0 → [Updates: v0.20.1]
• helm/chart-testing v3.14.0
• kubernetes-sigs/kind v0.31.0
• google/ko v0.18.1
• B1NARY-GR0UP/nwa v0.7.7
• golangci/golangci-lint v2.8.0 → [Updates: v2.11.2]
• fybrik/crdoc v0.6.4
• alegrey91/harpoon v0.10.2 → [Updates: v0.11.0]

---

• Check this box to trigger a request for Renovate to run again on this repository