Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Repository problems

These problems occurred while renovating this repository. View logs.

• WARN: Package lookup failures

---

Warning

Renovate failed to look up the following dependencies: Failed to look up maven package de.medizininformatik-initiative:sq2cql, Failed to look up maven package jakarta.xml.bind.:jakarta.xml.bind-api.

Files affected: pom.xml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency ca.uhn.hapi.fhir:org.hl7.fhir.utilities to v6.7.6
• Update github/codeql-action action to v4.31.2
• Update dependency dev.dsf:dsf-fhir-rest-adapter to v1.9.0
• Update dependency dev.dsf:dsf-fhir-webservice-client to v1.9.0
• Update dependency dev.dsf:dsf-fhir-websocket-client to v1.9.0
• Update docker.elastic.co/elasticsearch/elasticsearch Docker tag to v9.2.0
• Update dependency ca.uhn.hapi.fhir:hapi-fhir-client to v8
• Update dependency ca.uhn.hapi.fhir:hapi-fhir-structures-r4 to v8
• Update jaxb-ri monorepo to v4 (major) (com.sun.xml.bind:jaxb-impl, org.glassfish.jaxb:jaxb-runtime)
• Update postgres Docker tag to v18
• Click on this checkbox to rebase all open PRs at once

Detected dependencies

docker-compose

.github/integration-test/docker-compose.yml

• postgres 17-alpine
• docker.elastic.co/elasticsearch/elasticsearch 9.1.5
• samply/blaze 1.1.2
• ghcr.io/medizininformatik-initiative/flare 2.6.0
• postgres 17-alpine
• keycloak/keycloak 26.4

docker-compose.yml

• postgres 17-alpine
• docker.elastic.co/elasticsearch/elasticsearch 9.1.5

dockerfile

Dockerfile

• eclipse-temurin 25-jre-alpine@sha256:bf9c91071c4f90afebb31d735f111735975d6fe2b668a82339f8204202203621

github-actions

.github/workflows/ci.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• docker/metadata-action v5.8.0@c1e51972afc2121e065aed6d45c65596fe445f3f
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• github/codeql-action v4.31.1@5fe9434cd24fe243e33e7f3305f8a5b519b70280
• codecov/codecov-action v5.5.1@5a1091511ad55cbe89839c7260b706298ca349f7
• github/codeql-action v4.31.1@5fe9434cd24fe243e33e7f3305f8a5b519b70280
• actions/upload-artifact v5.0.0@330a01c490aca151604b8cf639adc76d48f6c5d4
• docker/setup-buildx-action v3.11.1@e468171a9de216ec08956ac3ada2f0791b6bd435
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83
• actions/upload-artifact v5.0.0@330a01c490aca151604b8cf639adc76d48f6c5d4
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83
• aquasecurity/trivy-action 0.33.1@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
• github/codeql-action v4.31.1@5fe9434cd24fe243e33e7f3305f8a5b519b70280
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• actions/download-artifact v6.0.0@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53
• dcarbone/install-jq-action v3.2.0@b7ef57d46ece78760b4019dbc4080a1ba2a40b45
• jwalton/gh-docker-logs v2.2.2@2741064ab9d7af54b0b1ffb6076cf64c16f0220e
• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• nowsprinting/check-version-format-action v4.0.7@bb1181a02ee5d9ae4feead2842236183c85152c6
• actions/github-script v8.0.0@ed597411d8f924073f98dfc5c65a23a2325f34cd
• actions/setup-java v5.0.0@dded0888837ed1f317902acf8a20df0ad188d165
• actions/cache v4.3.0@0057852bfaa89a56745cba8c7296529d2fc39830
• s4u/maven-settings-action v4.0.0@894661b3ddae382f1ae8edbeab60987e08cf0788
• docker/login-action v3.6.0@5e57cd118135c172c3672efd75eb46360885c0ef
• docker/setup-qemu-action v3.6.0@29109295f81e9208d7d86ff1c6c12d2833863392
• docker/setup-buildx-action v3.11.1@e468171a9de216ec08956ac3ada2f0791b6bd435
• docker/build-push-action v6.18.0@263435318d21b8e681c14492fe198d362a7d2c83

.github/workflows/remove-image-of-closed-pr.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• dataaxiom/ghcr-cleanup-action v1@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4

.github/workflows/remove-untagged-images.yml

• step-security/harden-runner v2.13.1@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a
• dataaxiom/ghcr-cleanup-action v1@cd0cdb900b5dbf3a6f2cc869f0dbb0b8211f50c4

.github/workflows/scorecard.yml

• actions/checkout v5.0.0@08c6903cd8c0fde910a37f88322edcfb5dd907a8
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v5.0.0@330a01c490aca151604b8cf639adc76d48f6c5d4
• github/codeql-action v4.31.1@5fe9434cd24fe243e33e7f3305f8a5b519b70280

maven

pom.xml

• org.springframework.boot:spring-boot-starter-parent 3.5.7
• io.undertow:undertow-core 2.3.20.Final
• io.undertow:undertow-servlet 2.3.20.Final
• io.undertow:undertow-websockets-jsr 2.3.20.Final
• com.nimbusds:oauth2-oidc-sdk 11.30
• org.postgresql:postgresql 42.7.8
• org.springdoc:springdoc-openapi-starter-webmvc-ui 2.8.13
• com.github.erosb:everit-json-schema 1.14.6
• org.json:json 20250517
• org.aktin:broker-client 1.5.1
• ca.uhn.hapi.fhir:hapi-fhir-client 7.6.1
• ca.uhn.hapi.fhir:hapi-fhir-structures-r4 7.6.1
• ca.uhn.hapi.fhir:org.hl7.fhir.utilities 6.7.3
• com.bucket4j:bucket4j-core 8.10.1
• org.apache.commons:commons-text 1.14.0
• dev.dsf:dsf-fhir-webservice-client 1.8.0
• dev.dsf:dsf-fhir-websocket-client 1.8.0
• org.bouncycastle:bcprov-jdk18on 1.82
• org.bouncycastle:bcutil-jdk18on 1.82
• org.bouncycastle:bcpkix-jdk18on 1.82
• dev.dsf:dsf-fhir-rest-adapter 1.8.0
• de.medizininformatik-initiative:sq2cql 1.0.0
• com.github.ben-manes.caffeine:caffeine 3.2.3
• org.codehaus.janino:janino 3.1.12
• com.opencsv:opencsv 5.12.0
• org.threeten:threeten-extra 1.8.0
• org.mockito:mockito-core 5.20.0
• com.squareup.okhttp3:mockwebserver 5.2.1
• com.github.dasniko:testcontainers-keycloak 3.9.0
• org.apache.commons:commons-compress 1.28.0
• io.projectreactor:reactor-test 3.8.0-RC1
• jakarta.xml.bind.:jakarta.xml.bind-api 2.3.3
• org.glassfish.jaxb:jaxb-runtime 2.3.9
• org.apache.maven.plugins:maven-release-plugin 3.1.1
• org.apache.maven.plugins:maven-failsafe-plugin 3.5.4
• org.jacoco:jacoco-maven-plugin 0.8.14
• io.github.git-commit-id:git-commit-id-maven-plugin 9.0.2
• org.codehaus.mojo:properties-maven-plugin 1.2.1
• com.sun.xml.bind:jaxb-impl 2.3.9
• org.codehaus.mojo:wagon-maven-plugin 2.0.2
• org.codehaus.mojo:truezip-maven-plugin 1.2
• com.coderplus.maven.plugins:copy-rename-maven-plugin 1.0.1
• org.apache.maven.plugins:maven-antrun-plugin 3.2.0
• org.apache.maven.plugins:maven-clean-plugin 3.5.0

---

• Check this box to trigger a request for Renovate to run again on this repository