Skip to content

chore(deps): lock file maintenance#261

Open
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/lock-file-maintenance
Open

chore(deps): lock file maintenance#261
renovate[bot] wants to merge 1 commit intomasterfrom
renovate/lock-file-maintenance

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Mar 16, 2026
edited
Loading

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/lock-file-maintenance branch from 40a5109 to e13ff1c Compare March 17, 2026 01:52
@github-actions
Copy link

github-actions bot commented Mar 17, 2026
edited
Loading

⚠️MegaLinter analysis: Success with warnings

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 4 0 0 0.03s
✅ DOCKERFILE hadolint 1 0 0 0.32s
✅ JSON jsonlint 6 0 0 0.3s
✅ JSON npm-package-json-lint yes no no 0.47s
✅ JSON prettier 6 0 0 0.96s
✅ JSON v8r 6 0 0 8.83s
✅ MARKDOWN markdownlint 2 0 0 0.75s
✅ MARKDOWN markdown-table-formatter 2 0 0 0.29s
✅ REPOSITORY checkov yes no no 32.64s
✅ REPOSITORY dustilock yes no no 0.14s
✅ REPOSITORY gitleaks yes no no 0.4s
✅ REPOSITORY git_diff yes no no 0.01s
✅ REPOSITORY grype yes no no 58.17s
⚠️ REPOSITORY kics yes no 1 41.9s
✅ REPOSITORY kingfisher yes no no 6.64s
✅ REPOSITORY secretlint yes no no 1.66s
✅ REPOSITORY syft yes no no 4.32s
✅ REPOSITORY trivy yes no no 15.97s
✅ REPOSITORY trivy-sbom yes no no 0.69s
✅ REPOSITORY trufflehog yes no no 5.75s
✅ YAML prettier 10 0 0 0.62s
✅ YAML v8r 10 0 0 10.05s
✅ YAML yamllint 10 0 0 0.9s

Detailed Issues

⚠️ REPOSITORY / kics - 1 warning 
warning: Dockerfile doesn't contain instruction 'HEALTHCHECK'
  ┌─ Dockerfile:1:1
  │
1 │ FROM docker.io/library/eclipse-temurin:21-jre-noble@sha256:b35184e04749777b79e711cef0dbf95c7e7cdf1e8c59dab3b0c85bf1cc345127
  │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  │
  = Healthcheck Instruction Missing
  = Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working

warning: 1 warnings emitted

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

  • Documentation: Custom Flavors
  • Command: npx mega-linter-runner@9.4.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,DOCKERFILE_HADOLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,MARKDOWN_MARKDOWN_TABLE_FORMATTER,REPOSITORY_CHECKOV,REPOSITORY_DUSTILOCK,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_KICS,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,REPOSITORY_KINGFISHER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository

@renovate renovate bot force-pushed the renovate/lock-file-maintenance branch 2 times, most recently from 78a067c to 3e9f788 Compare March 19, 2026 05:01
@renovate renovate bot force-pushed the renovate/lock-file-maintenance branch from 3e9f788 to d338306 Compare March 19, 2026 10:15
@github-actions
Copy link

github-actions bot commented Mar 19, 2026

Trivy image scan report

ghcr.io/miracum/ig-build-tools:pr-261 (ubuntu 24.04)

No Vulnerabilities found

No Misconfigurations found

Java

22 known vulnerabilities found (MEDIUM: 6 LOW: 2 CRITICAL: 9 HIGH: 5)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
ca.uhn.hapi.fhir:org.hl7.fhir.convertors CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2 CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu2016may CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.dstu3 CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4 CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r4b CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.r5 CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.utilities CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ca.uhn.hapi.fhir:org.hl7.fhir.validation CVE-2026-33180 CRITICAL 6.4.0 6.9.0
ch.qos.logback:logback-core CVE-2024-12798 MEDIUM 1.2.13 1.5.13, 1.3.15
ch.qos.logback:logback-core CVE-2025-11226 MEDIUM 1.2.13 1.5.19, 1.3.16
ch.qos.logback:logback-core CVE-2024-12801 LOW 1.2.13 1.5.13, 1.3.15
ch.qos.logback:logback-core CVE-2026-1225 LOW 1.2.13 1.5.25
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq HIGH 2.17.0 2.18.6, 2.21.1, 3.1.0
com.nimbusds:nimbus-jose-jwt CVE-2025-53864 MEDIUM 9.37.3 10.0.2, 9.37.4
commons-beanutils:commons-beanutils CVE-2025-48734 HIGH 1.9.4 1.11.0
org.apache.commons:commons-lang3 CVE-2025-48924 MEDIUM 3.14.0 3.18.0
org.fhir:ucum CVE-2024-55887 HIGH 1.0.3 1.0.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli CVE-2024-52807 HIGH 1.7.1 1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.cli CVE-2025-24363 MEDIUM 1.7.1 1.8.9
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core CVE-2024-52807 HIGH 1.7.1 1.7.4
org.hl7.fhir.publisher:org.hl7.fhir.publisher.core CVE-2025-24363 MEDIUM 1.7.1 1.8.9

No Misconfigurations found

Node.js

23 known vulnerabilities found (CRITICAL: 0 HIGH: 22 MEDIUM: 0 LOW: 1)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
diff CVE-2026-24001 LOW 5.2.0 8.0.3, 5.2.2, 4.0.4, 3.5.1
glob CVE-2025-64756 HIGH 10.4.5 11.1.0, 10.5.0
minimatch CVE-2026-26996 HIGH 9.0.5 10.2.1, 9.0.6, 8.0.5, 7.4.7, 6.2.1, 5.1.7, 4.2.4, 3.1.3
minimatch CVE-2026-27903 HIGH 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.3
minimatch CVE-2026-27904 HIGH 9.0.5 10.2.3, 9.0.7, 8.0.6, 7.4.8, 6.2.2, 5.1.8, 4.2.5, 3.1.4
tar CVE-2026-23745 HIGH 6.2.1 7.5.3
tar CVE-2026-23950 HIGH 6.2.1 7.5.4
tar CVE-2026-24842 HIGH 6.2.1 7.5.7
tar CVE-2026-26960 HIGH 6.2.1 7.5.8
tar CVE-2026-29786 HIGH 6.2.1 7.5.10
tar CVE-2026-31802 HIGH 6.2.1 7.5.11
tar CVE-2026-23745 HIGH 7.4.3 7.5.3
tar CVE-2026-23745 HIGH 7.4.3 7.5.3
tar CVE-2026-23950 HIGH 7.4.3 7.5.4
tar CVE-2026-23950 HIGH 7.4.3 7.5.4
tar CVE-2026-24842 HIGH 7.4.3 7.5.7
tar CVE-2026-24842 HIGH 7.4.3 7.5.7
tar CVE-2026-26960 HIGH 7.4.3 7.5.8
tar CVE-2026-26960 HIGH 7.4.3 7.5.8
tar CVE-2026-29786 HIGH 7.4.3 7.5.10
tar CVE-2026-29786 HIGH 7.4.3 7.5.10
tar CVE-2026-31802 HIGH 7.4.3 7.5.11
tar CVE-2026-31802 HIGH 7.4.3 7.5.11

No Misconfigurations found

Ruby

No Vulnerabilities found

No Misconfigurations found

root/.dotnet/tools/.store/firely.terminal/3.5.0/firely.terminal/3.5.0/tools/net8.0/any/Firely.Terminal.deps.json

No Vulnerabilities found

No Misconfigurations found

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants