Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Pending Approval

These branches will be created by Renovate only once you click their checkbox below.

• chore(deps): update dependency black to v25
• chore(deps): update dependency cryptography to v45
• chore(deps): update terraform aws to v6
• 🔐 Create all pending approval PRs at once 🔐

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• chore(deps): lock file maintenance

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• chore(deps): update dependency urllib3 to v2 [security]
• chore(deps): update mcr.microsoft.com/devcontainers/python:3.13 docker digest to 0aa711e
• chore(deps): update dependency coverage to v7.9.2
• chore(deps): update github/codeql-action action to v3.29.2
• chore(deps): update all minor dependencies (boto3, fastapi)
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

devcontainer

.devcontainer/devcontainer.json

• mcr.microsoft.com/devcontainers/python 3.13@sha256:0f08c317b197f4036bca0514ef0fa52ce5cc9dc47056569c2263272f561aa8c1

dockerfile

api/Dockerfile

• python 3.13-alpine3.19@sha256:8287ca207e905649e9f399b5f91a119e5e9051d8cd110d5f8c3b4bd9458ebd1d
• python 3.13-alpine3.19@sha256:8287ca207e905649e9f399b5f91a119e5e9051d8cd110d5f8c3b4bd9458ebd1d

github-actions

.github/workflows/ci-code.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• actions/setup-python v5.6.0@a26af69be951a213d495a4c3e4e4022e16d87065
• python 3.13

.github/workflows/code-scanning.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• github/codeql-action v3.29.1@39edc492dbe16b1465b0cafca41432d857bdb31a
• github/codeql-action v3.29.1@39edc492dbe16b1465b0cafca41432d857bdb31a

.github/workflows/dependency-review.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• actions/dependency-review-action v4.7.1@da24556b548a50705dd671f47852072ea4c105d9

.github/workflows/docker-build-push-production.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• dorny/paths-filter v3.0.2@de90cc6fb38fc0963ad72b210f1f284cd68cea36
• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• aws-actions/configure-aws-credentials v4.2.1@b47578312673ae6fa5b5096b330d9fbac3d116df
• aws-actions/amazon-ecr-login v2.0.1@062b18b96a7aff071d4dc91bc00c4c1a7945b076
• cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f

.github/workflows/docker-build.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• dorny/paths-filter v3.0.2@de90cc6fb38fc0963ad72b210f1f284cd68cea36
• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683

.github/workflows/docker-vulnerability-scan.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• aws-actions/configure-aws-credentials v4.2.1@b47578312673ae6fa5b5096b330d9fbac3d116df
• aws-actions/amazon-ecr-login v2.0.1@062b18b96a7aff071d4dc91bc00c4c1a7945b076
• cds-snc/security-tools v3.2.0@34794baf2af592913bb5b51d8df4f8d0acc49b6f

.github/workflows/labels.yml

• cds-snc/labels v1

.github/workflows/shellcheck.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683

.github/workflows/terraform-security-scan.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683

.github/workflows/tf_apply_production.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• cds-snc/terraform-tools-setup v1
• aws-actions/configure-aws-credentials v4.2.1@b47578312673ae6fa5b5096b330d9fbac3d116df

.github/workflows/tf_plan_production.yml

• actions/checkout v4.2.2@11bd71901bbe5b1630ceea73d27597364c9af683
• cds-snc/terraform-tools-setup v1
• aws-actions/configure-aws-credentials v4.2.1@b47578312673ae6fa5b5096b330d9fbac3d116df
• cds-snc/terraform-plan v3.4.3@e710cb1446e5dfe69a0182603fb06b5282d7eb07

pip_requirements

api/requirements.txt

• cryptography ==44.0.3
• fastapi ==0.115.14
• mangum ==0.19.0
• python-dotenv ==1.1.1
• requests ==2.32.4
• urllib3 <2

api/requirements_dev.txt

• black ==24.10.0
• coverage ==7.9.1
• flake8 ==7.3.0
• httpx ==0.28.1
• pytest ==8.4.1
• pytest-env ==1.1.5
• uvicorn ==0.35.0

terragrunt/aws/alert_compromise/functions/requirements_dev.txt

• black ==24.10.0
• boto3 ==1.38.46
• flake8 ==7.3.0
• pytest ==8.4.1

renovate-config-presets

renovate.json

terraform

terragrunt/aws/api/lambda.tf

• github.com/cds-snc/terraform-modules v10.6.2

terragrunt/aws/api/sentinel.tf

• github.com/cds-snc/terraform-modules v10.6.2

terragrunt/env/common/provider.tf

• aws ~> 5.0

terragrunt

terragrunt/env/production/alarms/terragrunt.hcl

terragrunt/env/production/alert_compromise/terragrunt.hcl

terragrunt/env/production/api/terragrunt.hcl

terragrunt/env/production/cloudfront/terragrunt.hcl

terragrunt/env/production/hosted_zone/terragrunt.hcl

terragrunt/env/staging/alarms/terragrunt.hcl

terragrunt/env/staging/alert_compromise/terragrunt.hcl

terragrunt/env/staging/api/terragrunt.hcl

terragrunt/env/staging/cloudfront/terragrunt.hcl

terragrunt/env/staging/hosted_zone/terragrunt.hcl

---

• Check this box to trigger a request for Renovate to run again on this repository