Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more.<br>[View this repository on the Mend.io Web Portal](https://developer.mend.io/github/opendefensecloud/dependency-controller).

## Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

 - [ ] [chore(deps): update module osv-scanner to v2.3.8](../pull/61)

## Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

 - [ ] [chore(deps): update dependency go to v1.26.3](../pull/60)
 - [ ] [chore(deps): update github/codeql-action action to v4.35.4](../pull/59)
 - [ ] [fix(deps): update kubernetes monorepo to v0.36.0](../pull/20) (`k8s.io/api`, `k8s.io/apiextensions-apiserver`, `k8s.io/apimachinery`, `k8s.io/client-go`)
 - [ ] [fix(deps): update module github.com/kcp-dev/multicluster-provider to v0.7.0](../pull/50)
 - [ ] [fix(deps): update module github.com/kcp-dev/multicluster-provider/client to v0.7.0](../pull/51)
 - [ ] [fix(deps): update module sigs.k8s.io/controller-runtime to v0.24.0](../pull/43)
 - [ ] **Click on this checkbox to rebase all open PRs at once**

## Detected Dependencies

<details><summary>dockerfile (1)</summary>
<blockquote>

<details><summary>Dockerfile (1)</summary>

 - `golang 1.26.2` → [Updates: `1.26.3`]

</details>

</blockquote>
</details>

<details><summary>github-actions (6)</summary>
<blockquote>

<details><summary>.github/workflows/docker.yaml (10)</summary>

 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `docker/metadata-action v6.0.0@030e881283bb7a6894de51c315a6bfe6a94e05cf`
 - `docker/setup-qemu-action v4.0.0@ce360397dd3f832beb865e1373c09c0e9f86d70a`
 - `docker/setup-buildx-action v4.0.0@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd`
 - `docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121`
 - `docker/build-push-action v7.1.0@bcafcacb16a39f128d818304e6c9c0c18556b85f`
 - `sigstore/cosign-installer v4.1.2@6f9f17788090df1f26f669e9d70d6ae9567deba6`
 - `anchore/sbom-action v0.24.0@e22c389904149dbc22b58101806040fa8d37a610`
 - `actions/attest-sbom v4.1.0@c604332985a26aa8cf1bdc465b92731239ec6b9e`
 - `actions/attest-build-provenance v4.1.0@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32`

</details>

<details><summary>.github/workflows/golang.yaml (5)</summary>

 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `golangci/golangci-lint-action v9.2.0@1e7e51e771db61008b38414a730f564565cf7c20`
 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c`

</details>

<details><summary>.github/workflows/helm-lint.yaml (1)</summary>

 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`

</details>

<details><summary>.github/workflows/helm-publish.yaml (4)</summary>

 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `actions/setup-go v6.4.0@4a3601121dd01d1626a1e23e37211e3254c1c06c`
 - `sigstore/cosign-installer v4.1.2@6f9f17788090df1f26f669e9d70d6ae9567deba6`
 - `docker/login-action v4.1.0@4907a6ddec9925e35a0a9e82d7399ccc52663121`

</details>

<details><summary>.github/workflows/ossf-scorecard.yml (4)</summary>

 - `actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd`
 - `ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a`
 - `actions/upload-artifact v7.0.1@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a`
 - `github/codeql-action v4.35.3@e46ed2cbd01164d986452f91f178727624ae40d7` → [Updates: `v4.35.4`]

</details>

<details><summary>.github/workflows/osv-scanner.yml (2)</summary>

 - `google/osv-scanner-action v2.3.5@c51854704019a247608d928f370c98740469d4b5`
 - `google/osv-scanner-action v2.3.5@c51854704019a247608d928f370c98740469d4b5`

</details>

</blockquote>
</details>

<details><summary>gomod (1)</summary>
<blockquote>

<details><summary>go.mod (15)</summary>

 - `go 1.26.2` → [Updates: `1.26.3`]
 - `github.com/kcp-dev/logicalcluster/v3 v3.0.5`
 - `github.com/kcp-dev/multicluster-provider v0.6.0` → [Updates: `v0.7.0`]
 - `github.com/kcp-dev/multicluster-provider/client v0.0.0-20260412105142-7979b3b2700b@7979b3b2700b` → [Updates: `v0.7.0`]
 - `github.com/kcp-dev/sdk v0.31.1`
 - `github.com/onsi/ginkgo/v2 v2.28.3`
 - `github.com/onsi/gomega v1.40.0`
 - `github.com/stretchr/testify v1.11.1`
 - `k8s.io/api v0.35.4` → [Updates: `v0.36.0`]
 - `k8s.io/apiextensions-apiserver v0.35.1` → [Updates: `v0.36.0`]
 - `k8s.io/apimachinery v0.35.4` → [Updates: `v0.36.0`]
 - `k8s.io/client-go v0.35.4` → [Updates: `v0.36.0`]
 - `sigs.k8s.io/controller-runtime v0.23.3` → [Updates: `v0.24.0`]
 - `sigs.k8s.io/multicluster-runtime v0.23.3`
 - `sigs.k8s.io/yaml v1.6.0`

</details>

</blockquote>
</details>

<details><summary>helm-values (1)</summary>
<blockquote>

<details><summary>charts/dependency-controller/values.yaml</summary>


</details>

</blockquote>
</details>

<details><summary>nix (1)</summary>
<blockquote>

<details><summary>flake.nix (4)</summary>

 - `dev-kit lock file @ 5851d224336e5056fe840255f335dfbbe7542d14`
 - `flake-utils lock file @ 11707dc2f618dd54ca8739b309ec4fc024de578b`
 - `go-overlay lock file @ 39e0a2df70d1a7c6c79ffe96a4b40bee771d95f9`
 - `nixpkgs nixos-unstable`

</details>

</blockquote>
</details>

<details><summary>regex (3)</summary>
<blockquote>

<details><summary>flake.nix (1)</summary>

 - `go 1.26.2` → [Updates: `1.26.3`]

</details>

<details><summary>Makefile (1)</summary>

 - `opendefensecloud/dev-kit v1.0.7`

</details>

<details><summary>tools.lock (6)</summary>

 - `addlicense v1.2.0`
 - `apigen v0.31.1`
 - `controller-gen v0.21.0`
 - `ginkgo v2.28.3`
 - `golangci-lint v2.12.2`
 - `osv-scanner v2.3.7` → [Updates: `v2.3.8`]

</details>

</blockquote>
</details>

---

- [ ] Check this box to trigger a request for Renovate to run again on this repository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Dependency Dashboard #3

Pending Status Checks

Open

Detected Dependencies

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Dependency Dashboard #3

Description

Pending Status Checks

Open

Detected Dependencies

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions