Dependency Dashboard

[descope]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Package lookup failures

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• ci(action): update docker/login-action action to v4.2.0

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• ci(action): update actions/checkout action to v6.0.3
• ci(action): update aws-actions/amazon-ecr-login action to v2.1.6
• ci(action): update aws-actions/configure-aws-credentials action to v6.2.0

---

Warning

Renovate failed to look up the following dependencies: Failed to look up github-tags package aquasecurity/trivy-action: no-result.

Files affected: .github/actions/pack/action.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• fix(deps): update github.com/descope/backend digest to f2a6483
• chore(deps): update dependency golangci/golangci-lint to v2
• ci(action): update golangci/golangci-lint-action action to v7
• ci(action): update golangci/golangci-lint-action action to v8
• ci(action): update golangci/golangci-lint-action action to v9
• ci(action): update sigstore/cosign-installer action to v4
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

0/2 CVEs have Renovate fixes.

gomod

go.mod

github.com/aws/aws-sdk-go

• GO-2022-0635
• GO-2022-0646

Detected Dependencies

dockerfile (1)

Dockerfile (1)

• golang 1.26

github-actions (9)

.github/actions/auth-setup/action.yaml (1)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1

.github/actions/build/action.yml (1)

• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c

.github/actions/docker-metadata/action.yml (1)

• docker/metadata-action v6.1.0@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9

.github/actions/lint/action.yml (3)

• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• golangci/golangci-lint-action v6.5.2@8564da7cb3c6866ed1da648ca8f00a258ef0c802 → [Updates: v7.0.1, v8.0.0, v9.2.1, v6.5.2]
• golangci/golangci-lint v1.64.8 → [Updates: v2.12.2]

.github/actions/pack/action.yml (9)

• docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4.2.0]
• aws-actions/configure-aws-credentials v6.1.2@acca2b1b2070338fb9fd1ca27ecee81d687e58e5 → [Updates: v6.2.0]
• aws-actions/amazon-ecr-login v2.1.5@fa648b43de3d4d023bcb3f89ed6940096949c419 → [Updates: v2.1.6]
• docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4.2.0]
• docker/setup-buildx-action v4.1.0@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
• docker/build-push-action v7.2.0@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• aquasecurity/trivy-action 0.35.0@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
• actions/attest v4.1.0@59d89421af93a897026c735860bf21b6eb4f7b26
• sigstore/cosign-installer v3.10.1@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 → [Updates: v4.1.2]

.github/actions/security/action.yml (2)

• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c
• actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e

.github/actions/setup/action.yml (2)

• tibdex/github-app-token v2.1.0@3beb63f4bd073e61482598c45c71c1019b59b73a
• actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c

.github/workflows/ci.yml (9)

• amannn/action-semantic-pull-request v6.1.1@48f256284bd46cdaab1048c3721360e808335d50
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• docker/setup-buildx-action v4.1.0@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
• docker/build-push-action v7.2.0@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]

.github/workflows/release-please.yml (7)

• actions/create-github-app-token v3.2.0@bcd2ba49218906704ab6c1aa796996da409d3eb1
• googleapis/release-please-action v5.0.0@45996ed1f6d02564a971a2fa1b5860e934307cf7
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• docker/login-action v3.7.0@c94ce9fb468520275223c153574b00df6fe4bcc9 → [Updates: v4.2.0]
• docker/setup-buildx-action v4.1.0@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
• docker/build-push-action v7.2.0@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• peter-evans/dockerhub-description v5.0.0@1b9a80c056b620d92cedb9d9b5a223409c68ddfa

gomod (1)

go.mod (13)

• go 1.26.1
• github.com/descope/backend v0.0.0-20260617140632-e7ef806ad4bd@e7ef806ad4bd → [Updates: v0.0.0-20260617140632-e7ef806ad4bd]
• github.com/descope/go-sdk v1.21.0
• github.com/descope/golang-lru v0.5.5-0.20220516120313-0c580df2ac14@0c580df2ac14
• github.com/descope/protoc-gen-mocker v1.0.1-0.20260529153440-788f40f5959c@788f40f5959c
• github.com/descope/protoc-gen-validate v1.6.6
• github.com/google/gnostic v0.7.1
• github.com/google/uuid v1.6.0
• github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0
• github.com/stretchr/testify v1.11.1
• google.golang.org/genproto/googleapis/api v0.0.0-20260414002931-afd174a4e478@afd174a4e478 → [Updates: v0.0.0-20260615183401-62b3387ff324]
• google.golang.org/grpc v1.81.1
• google.golang.org/protobuf v1.36.11

renovate-config-presets (1)

renovate.json

---

• Check this box to trigger a request for Renovate to run again on this repository
  📊 View in RenoWeb