chore(deps): update docker.io/library/eclipse-temurin docker tag to v25

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker.io/library/eclipse-temurin	final	major	21-jre-noble → 25-jre-noble

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	4		0	0	0.01s
✅ DOCKERFILE	hadolint	1		0	0	0.27s
✅ JSON	jsonlint	6		0	0	0.19s
✅ JSON	npm-package-json-lint	yes		no	no	0.54s
✅ JSON	prettier	6		0	0	1.0s
✅ JSON	v8r	6		0	0	7.96s
✅ MARKDOWN	markdownlint	2		0	0	0.79s
✅ MARKDOWN	markdown-table-formatter	2		0	0	0.42s
✅ REPOSITORY	checkov	yes		no	no	31.38s
✅ REPOSITORY	dustilock	yes		no	no	0.16s
✅ REPOSITORY	gitleaks	yes		no	no	0.4s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	56.14s
⚠️ REPOSITORY	kics	yes		no	1	41.64s
✅ REPOSITORY	kingfisher	yes		no	no	6.59s
✅ REPOSITORY	secretlint	yes		no	no	1.64s
✅ REPOSITORY	syft	yes		no	no	4.17s
✅ REPOSITORY	trivy	yes		no	no	16.47s
✅ REPOSITORY	trivy-sbom	yes		no	no	1.01s
✅ REPOSITORY	trufflehog	yes		no	no	5.47s
✅ YAML	prettier	10		0	0	0.85s
✅ YAML	v8r	10		0	0	9.31s
✅ YAML	yamllint	10		0	0	0.71s

Detailed Issues

⚠️ REPOSITORY / kics - 1 warning

warning: Dockerfile doesn't contain instruction 'HEALTHCHECK'
  ┌─ Dockerfile:1:1
  │
1 │ FROM docker.io/library/eclipse-temurin:25-jre-noble@sha256:affd314e79fbb87dae2f15bbfdae4d1cdc6299626c19e98295186a5869c60801
  │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  │
  = Healthcheck Instruction Missing
  = Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working

warning: 1 warnings emitted

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,REPOSITORY_KINGFISHER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

Show us your support by starring ⭐ the repository

[github-actions]

Trivy image scan report

ghcr.io/miracum/ig-build-tools:pr-234 (ubuntu 24.04)

No Vulnerabilities found

No Misconfigurations found

Java

22 known vulnerabilities found (CRITICAL: 9 HIGH: 5 MEDIUM: 6 LOW: 2)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
ca.uhn.hapi.fhir:org.hl7.fhir.convertors	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu3	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4b	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r5	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.utilities	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.validation	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ch.qos.logback:logback-core	CVE-2024-12798	MEDIUM	1.2.13	1.5.13, 1.3.15
ch.qos.logback:logback-core	CVE-2025-11226	MEDIUM	1.2.13	1.5.19, 1.3.16
ch.qos.logback:logback-core	CVE-2024-12801	LOW	1.2.13	1.5.13, 1.3.15
ch.qos.logback:logback-core	CVE-2026-1225	LOW	1.2.13	1.5.25
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	HIGH	2.17.0	2.18.6, 2.21.1, 3.1.0
com.nimbusds:nimbus-jose-jwt	CVE-2025-53864	MEDIUM	9.37.3	10.0.2, 9.37.4
commons-beanutils:commons-beanutils	CVE-2025-48734	HIGH	1.9.4	1.11.0
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.14.0	3.18.0
org.fhir:ucum	CVE-2024-55887	HIGH	1.0.3	1.0.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli	CVE-2024-52807	HIGH	1.7.1	1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli	CVE-2025-24363	MEDIUM	1.7.1	1.8.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core	CVE-2024-52807	HIGH	1.7.1	1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core	CVE-2025-24363	MEDIUM	1.7.1	1.8.9

No Misconfigurations found

Node.js

23 known vulnerabilities found (CRITICAL: 0 HIGH: 22 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
diff	CVE-2026-24001	LOW	5.2.0	8.0.3, 5.2.2, 4.0.4, 3.5.1
glob	CVE-2025-64756	HIGH	10.4.5	11.1.0, 10.5.0
minimatch	CVE-2026-26996	HIGH	9.0.5	10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
minimatch	CVE-2026-27903	HIGH	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
minimatch	CVE-2026-27904	HIGH	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
tar	CVE-2026-23745	HIGH	6.2.1	7.5.3
tar	CVE-2026-23950	HIGH	6.2.1	7.5.4
tar	CVE-2026-24842	HIGH	6.2.1	7.5.7
tar	CVE-2026-26960	HIGH	6.2.1	7.5.8
tar	CVE-2026-29786	HIGH	6.2.1	7.5.10
tar	CVE-2026-31802	HIGH	6.2.1	7.5.11
tar	CVE-2026-23745	HIGH	7.4.3	7.5.3
tar	CVE-2026-23745	HIGH	7.4.3	7.5.3
tar	CVE-2026-23950	HIGH	7.4.3	7.5.4
tar	CVE-2026-23950	HIGH	7.4.3	7.5.4
tar	CVE-2026-24842	HIGH	7.4.3	7.5.7
tar	CVE-2026-24842	HIGH	7.4.3	7.5.7
tar	CVE-2026-26960	HIGH	7.4.3	7.5.8
tar	CVE-2026-26960	HIGH	7.4.3	7.5.8
tar	CVE-2026-29786	HIGH	7.4.3	7.5.10
tar	CVE-2026-29786	HIGH	7.4.3	7.5.10
tar	CVE-2026-31802	HIGH	7.4.3	7.5.11
tar	CVE-2026-31802	HIGH	7.4.3	7.5.11

No Misconfigurations found

Ruby

No Vulnerabilities found

No Misconfigurations found

root/.dotnet/tools/.store/firely.terminal/3.5.0/firely.terminal/3.5.0/tools/net8.0/any/Firely.Terminal.deps.json

No Vulnerabilities found

No Misconfigurations found

[github-actions]

Trivy image scan report

ghcr.io/miracum/ig-build-tools:pr-234 (ubuntu 24.04)

No Vulnerabilities found

No Misconfigurations found

Java

22 known vulnerabilities found (LOW: 2 CRITICAL: 9 HIGH: 5 MEDIUM: 6)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
ca.uhn.hapi.fhir:org.hl7.fhir.convertors	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu3	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4b	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r5	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.utilities	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.validation	CVE-2026-33180	CRITICAL	6.4.0	6.9.0
ch.qos.logback:logback-core	CVE-2024-12798	MEDIUM	1.2.13	1.5.13, 1.3.15
ch.qos.logback:logback-core	CVE-2025-11226	MEDIUM	1.2.13	1.5.19, 1.3.16
ch.qos.logback:logback-core	CVE-2024-12801	LOW	1.2.13	1.5.13, 1.3.15
ch.qos.logback:logback-core	CVE-2026-1225	LOW	1.2.13	1.5.25
com.fasterxml.jackson.core:jackson-core	GHSA-72hv-8253-57qq	HIGH	2.17.0	2.18.6, 2.21.1, 3.1.0
com.nimbusds:nimbus-jose-jwt	CVE-2025-53864	MEDIUM	9.37.3	10.0.2, 9.37.4
commons-beanutils:commons-beanutils	CVE-2025-48734	HIGH	1.9.4	1.11.0
org.apache.commons:commons-lang3	CVE-2025-48924	MEDIUM	3.14.0	3.18.0
org.fhir:ucum	CVE-2024-55887	HIGH	1.0.3	1.0.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli	CVE-2024-52807	HIGH	1.7.1	1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli	CVE-2025-24363	MEDIUM	1.7.1	1.8.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core	CVE-2024-52807	HIGH	1.7.1	1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core	CVE-2025-24363	MEDIUM	1.7.1	1.8.9

No Misconfigurations found

Node.js

23 known vulnerabilities found (CRITICAL: 0 HIGH: 22 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
diff	CVE-2026-24001	LOW	5.2.0	8.0.3, 5.2.2, 4.0.4, 3.5.1
glob	CVE-2025-64756	HIGH	10.4.5	11.1.0, 10.5.0
minimatch	CVE-2026-26996	HIGH	9.0.5	10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
minimatch	CVE-2026-27903	HIGH	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
minimatch	CVE-2026-27904	HIGH	9.0.5	10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
tar	CVE-2026-23745	HIGH	6.2.1	7.5.3
tar	CVE-2026-23950	HIGH	6.2.1	7.5.4
tar	CVE-2026-24842	HIGH	6.2.1	7.5.7
tar	CVE-2026-26960	HIGH	6.2.1	7.5.8
tar	CVE-2026-29786	HIGH	6.2.1	7.5.10
tar	CVE-2026-31802	HIGH	6.2.1	7.5.11
tar	CVE-2026-23745	HIGH	7.4.3	7.5.3
tar	CVE-2026-23745	HIGH	7.4.3	7.5.3
tar	CVE-2026-23950	HIGH	7.4.3	7.5.4
tar	CVE-2026-23950	HIGH	7.4.3	7.5.4
tar	CVE-2026-24842	HIGH	7.4.3	7.5.7
tar	CVE-2026-24842	HIGH	7.4.3	7.5.7
tar	CVE-2026-26960	HIGH	7.4.3	7.5.8
tar	CVE-2026-26960	HIGH	7.4.3	7.5.8
tar	CVE-2026-29786	HIGH	7.4.3	7.5.10
tar	CVE-2026-29786	HIGH	7.4.3	7.5.10
tar	CVE-2026-31802	HIGH	7.4.3	7.5.11
tar	CVE-2026-31802	HIGH	7.4.3	7.5.11

No Misconfigurations found

Ruby

No Vulnerabilities found

No Misconfigurations found

root/.dotnet/tools/.store/firely.terminal/3.5.0/firely.terminal/3.5.0/tools/net8.0/any/Firely.Terminal.deps.json

No Vulnerabilities found

No Misconfigurations found