Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/DoodleScheduling/ratelimit-controller).

## Config Migration Needed

 - [ ]  Select this checkbox to let Renovate create an automated Config Migration PR.

## Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

 - [ ] chore(deps): update quay.io/brancz/kube-rbac-proxy docker tag to v0.20.2

## Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

 - [ ] [chore(deps-dev): update actions/checkout digest to 34e1148](../pull/158)
 - [ ] [chore(deps): update gcr.io/distroless/static:latest docker digest to 972618c](../pull/70)
 - [ ] [chore(deps-dev): update actions/checkout action to v4.3.1](../pull/217)
 - [ ] [chore(deps-dev): update ossf/scorecard-action action to v2.4.3](../pull/205)
 - [ ] [chore(deps-dev): update sigstore/cosign-installer action to v3.10.1](../pull/212)
 - [ ] [chore(deps-dev): update actions/setup-go action to v5.6.0](../pull/221)
 - [ ] [chore(deps-dev): update anchore/sbom-action action to v0.22.1](../pull/211)
 - [ ] [chore(deps-dev): update dependency go to 1.25.x](../pull/165)
 - [ ] [chore(deps-dev): update dependency python to 3.14](../pull/208)
 - [ ] [chore(deps-dev): update docker/login-action action to v3.7.0](../pull/204)
 - [ ] [chore(deps-dev): update github/codeql-action action to v3.32.1](../pull/202)
 - [ ] [chore(deps-dev): update helm/chart-testing-action action to v2.8.0](../pull/215)
 - [ ] [chore(deps-dev): update helm/kind-action action to v1.13.0](../pull/213)
 - [ ] [chore(deps-dev): update step-security/harden-runner action to v2.14.1](../pull/214)
 - [ ] [chore(deps): update kubernetes packages to v0.35.0](../pull/216) (`k8s.io/api`, `k8s.io/apimachinery`, `k8s.io/client-go`)
 - [ ] [chore(deps): update module github.com/fluxcd/pkg/runtime to v0.97.0](../pull/183)
 - [ ] [chore(deps): update module github.com/onsi/ginkgo/v2 to v2.28.1](../pull/206)
 - [ ] [chore(deps): update module github.com/onsi/gomega to v1.39.1](../pull/220)
 - [ ] [chore(deps): update module sigs.k8s.io/controller-runtime to v0.23.1](../pull/207)
 - [ ] [chore(deps-dev): update actions/checkout action to v6](../pull/218)
 - [ ] [chore(deps-dev): update actions/setup-go action to v6](../pull/189)
 - [ ] [chore(deps-dev): update actions/setup-python action to v6](../pull/190)
 - [ ] [chore(deps-dev): update actions/stale action to v10](../pull/188)
 - [ ] [chore(deps-dev): update github artifact actions (major)](../pull/156) (`actions/download-artifact`, `actions/upload-artifact`)
 - [ ] [chore(deps-dev): update github/codeql-action action to v4](../pull/209)
 - [ ] [chore(deps-dev): update sigstore/cosign-installer action to v4](../pull/210)
 - [ ] [chore(deps-dev): update zgosalvez/github-actions-ensure-sha-pinned-actions action to v4](../pull/203)
 - [ ] [chore(deps): update module gopkg.in/yaml.v2 to v3](../pull/9)
 - [ ] **Click on this checkbox to rebase all open PRs at once**

## Detected Dependencies

<details><summary>dockerfile (1)</summary>
<blockquote>

<details><summary>Dockerfile (1)</summary>

 - `gcr.io/distroless/static latest@sha256:3f2b64ef97bd285e36132c684e6b2ae8f2723293d09aae046196cca64251acac` → [Updates: `latest`]

</details>

</blockquote>
</details>

<details><summary>github-actions (12)</summary>
<blockquote>

<details><summary>.github/workflows/main.yaml (5)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `shogo82148/actions-goveralls v1.10.0@25f5320d970fb565100cf1993ada29be1bb196a1`
 - `go 1.24.x` → [Updates: `1.25.x`]

</details>

<details><summary>.github/workflows/pr-actions.yaml (3)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955` → [Updates: `v4.3.1`, `v6.0.2`]
 - `zgosalvez/github-actions-ensure-sha-pinned-actions v3.0.25@fc87bb5b5a97953d987372e74478de634726b3e5` → [Updates: `v4.0.1`]

</details>

<details><summary>.github/workflows/pr-build.yaml (34)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78`
 - `actions/setup-python v5.6.0@a26af69be951a213d495a4c3e4e4022e16d87065` → [Updates: `v6.2.0`]
 - `helm/chart-testing-action v2.7.0@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b` → [Updates: `v2.8.0`]
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02` → [Updates: `v6.0.0`]
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `engineerd/setup-kind v0.5.0@aa272fe2a7309878ffc2a81c56cfe3ef108ae7d0`
 - `actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093` → [Updates: `v7.0.0`]
 - `imranismail/setup-kustomize v2.1.0@2ba527d4d055ab63514ba50a99456fc35684947f`
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78`
 - `actions/setup-python v5.6.0@a26af69be951a213d495a4c3e4e4022e16d87065` → [Updates: `v6.2.0`]
 - `helm/chart-testing-action v2.7.0@0d28d3144d3a25ea2cc349d6e59901c4ff469b3b` → [Updates: `v2.8.0`]
 - `helm/kind-action v1.12.0@a1b0e391336a6ee6713a0583f8c6240d70863de3` → [Updates: `v1.13.0`]
 - `actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093` → [Updates: `v7.0.0`]
 - `python 3.13` → [Updates: `3.14`]
 - `go 1.24.x` → [Updates: `1.25.x`]
 - `go 1.24.x` → [Updates: `1.25.x`]
 - `go 1.24.x` → [Updates: `1.25.x`]
 - `go 1.24.x` → [Updates: `1.25.x`]
 - `python 3.13` → [Updates: `3.14`]

</details>

<details><summary>.github/workflows/pr-goreleaser.yaml (3)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955` → [Updates: `v4.3.1`, `v6.0.2`]
 - `goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a`

</details>

<details><summary>.github/workflows/pr-label.yaml (2)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `pascalgn/size-label-action 6ec5bd0f81af1bd8d691180fbf04453b2c4b1642`

</details>

<details><summary>.github/workflows/pr-stale.yaml (1)</summary>

 - `actions/stale v9.1.0@5bef64f19d7facfb25b37b414482c7164d639639` → [Updates: `v10.1.1`]

</details>

<details><summary>.github/workflows/pr-trivy.yaml (3)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8`
 - `github/codeql-action v3.30.4@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9` → [Updates: `v3.32.1`, `v4.32.1`]

</details>

<details><summary>.github/workflows/rebase.yaml (3)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `cirrus-actions/rebase 1.8@b87d48154a87a85666003575337e27b8cd65f691`

</details>

<details><summary>.github/workflows/release.yaml (12)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `actions/setup-go v5.5.0@d35c59abb061a4a6fb18e82ac0862c26744d6ab5` → [Updates: `v5.6.0`, `v6.2.0`]
 - `docker/login-action v3.5.0@184bdaa0721073962dff0199f1fb9940f07167d1` → [Updates: `v3.7.0`]
 - `sigstore/cosign-installer v3.10.0@d7543c93d881b35a8faa02e8e3605f69b7a1ce62` → [Updates: `v3.10.1`, `v4.0.0`]
 - `anchore/sbom-action v0.20.6@f8bdd1d8ac5e901a77a92f111440fdb1b593736b` → [Updates: `v0.22.1`]
 - `goreleaser/goreleaser-action v6.4.0@e435ccd777264be153ace6237001ef4d979d3a7a`
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `azure/setup-helm v3.5@5119fcb9089d432beecbf79bb2c7915207344b78`
 - `sigstore/cosign-installer v3.10.0@d7543c93d881b35a8faa02e8e3605f69b7a1ce62` → [Updates: `v3.10.1`, `v4.0.0`]
 - `go 1.24.x` → [Updates: `1.25.x`]

</details>

<details><summary>.github/workflows/report-on-vulnerabilities.yaml (7)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8`
 - `actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02` → [Updates: `v6.0.0`]
 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955` → [Updates: `v4.3.1`, `v6.0.2`]
 - `actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093` → [Updates: `v7.0.0`]
 - `JasonEtco/create-an-issue v2.9.2@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5`

</details>

<details><summary>.github/workflows/scan.yaml (5)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683` → [Updates: `v6`, `v4`]
 - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818`
 - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818`
 - `github/codeql-action codeql-bundle-20221020@f0a12816612c7306b485a22cb164feb43c6df818`

</details>

<details><summary>.github/workflows/scorecard.yaml (5)</summary>

 - `step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a` → [Updates: `v2.14.1`]
 - `actions/checkout v4.3.0@08eba0b27e820071cde6df949e0beb9ba4906955` → [Updates: `v4.3.1`, `v6.0.2`]
 - `ossf/scorecard-action v2.4.2@05b42c624433fc40578a4040d5cf5e36ddca8cde` → [Updates: `v2.4.3`]
 - `actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02` → [Updates: `v6.0.0`]
 - `github/codeql-action v3.30.4@303c0aef88fc2fe5ff6d63d3b1596bfd83dfa1f9` → [Updates: `v3.32.1`, `v4.32.1`]

</details>

</blockquote>
</details>

<details><summary>gomod (1)</summary>
<blockquote>

<details><summary>go.mod (13)</summary>

 - `go 1.24.2`
 - `github.com/fluxcd/pkg/runtime v0.80.0` → [Updates: `v0.97.0`]
 - `github.com/go-logr/logr v1.4.3`
 - `github.com/kylelemons/godebug v1.1.0`
 - `github.com/onsi/ginkgo/v2 v2.25.3` → [Updates: `v2.28.1`]
 - `github.com/onsi/gomega v1.38.2` → [Updates: `v1.39.1`]
 - `github.com/spf13/pflag v1.0.10`
 - `github.com/stretchr/testify v1.11.1`
 - `gopkg.in/yaml.v2 v2.4.0` → [Updates: `v3.0.1`]
 - `k8s.io/api v0.34.1` → [Updates: `v0.35.0`]
 - `k8s.io/apimachinery v0.34.1` → [Updates: `v0.35.0`]
 - `k8s.io/client-go v0.34.1` → [Updates: `v0.35.0`]
 - `sigs.k8s.io/controller-runtime v0.22.1` → [Updates: `v0.23.1`]

</details>

</blockquote>
</details>

<details><summary>helm-values (1)</summary>
<blockquote>

<details><summary>chart/ratelimit-controller/values.yaml (1)</summary>

 - `quay.io/brancz/kube-rbac-proxy v0.20.0` → [Updates: `v0.20.2`]

</details>

</blockquote>
</details>

<details><summary>kustomize (1)</summary>
<blockquote>

<details><summary>config/base/manager/kustomization.yaml (1)</summary>

 - `ghcr.io/doodlescheduling/ratelimit-controller v2.2.0`

</details>

</blockquote>
</details>

<details><summary>renovate-config-presets (1)</summary>
<blockquote>

<details><summary>renovate.json</summary>


</details>

</blockquote>
</details>

---

- [ ] Check this box to trigger a request for Renovate to run again on this repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependency Dashboard #10

Config Migration Needed

Pending Status Checks

Open

Detected Dependencies

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Dependency Dashboard #10

Description

Config Migration Needed

Pending Status Checks

Open

Detected Dependencies

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions