Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Deprecations / Replacements

Warning

These dependencies are either deprecated or have replacements available:

Datasource	Package	Replacement PR?
nuget	FluentValidation.AspNetCore

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (10)

Datasource	Package	Last Updated
nuget	AutoFixture	2025-01-21
nuget	AutoFixture.AutoNSubstitute	2025-01-21
nuget	AutoFixture.Xunit2	2025-01-21
nuget	Moq	2024-09-07
terraform	github.com/dfe-digital/terraform-statuscake-tls-monitor	2024-12-10
terraform	statuscake	2023-10-20

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• Update actions/cache action to v5
• Update actions/checkout action to v6
• Update actions/setup-dotnet action to v5
• Update actions/setup-java action to v5
• Update dependency coverlet.collector to v8
• Update dependency MediatR to v14
• Update dependency Microsoft.ApplicationInsights.AspNetCore to v3
• Update dependency Microsoft.AspNetCore.Authentication.OpenIdConnect to v10
• Update dependency Microsoft.NET.Test.Sdk to v18
• Update dependency Microsoft.OpenApi to v3
• Update dependency MockQueryable.NSubstitute to v10
• Update dependency Scrutor to v7
• Update dependency TimeZoneConverter to v7
• Update docker/build-push-action action to v7
• Update docker/setup-buildx-action action to v4
• Update github/codeql-action action to v4
• Update Terraform azapi to v2
• 🔐 Create all pending approval PRs at once 🔐

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update dependency Asp.Versioning.Mvc.ApiExplorer to 8.1.1
• Update dependency GovUK.Dfe.CoreLibs.Contracts to 1.0.57
• Update dependency GovUK.Dfe.CoreLibs.FileStorage to 0.1.5
• Update dependency GovUK.Dfe.CoreLibs.Http to 1.0.11
• Update dependency GovUK.Dfe.CoreLibs.Messaging.Contracts to 0.1.5
• Update dependency GovUK.Dfe.CoreLibs.Notifications to 0.1.6
• Update dependency GovUK.Dfe.CoreLibs.Testing to 1.1.23
• Update dependency Microsoft.Extensions.Azure to 1.13.1
• Update dependency Microsoft.NET.Test.Sdk to 17.14.1
• Update dependency Microsoft.OpenApi to 2.4.3
• Update dependency Newtonsoft.Json to 13.0.4
• Update dotnet monorepo (patch) (Microsoft.AspNetCore.Authentication.JwtBearer, Microsoft.AspNetCore.Authentication.OpenIdConnect, Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore, Microsoft.AspNetCore.HeaderPropagation, Microsoft.AspNetCore.Mvc.Testing, Microsoft.AspNetCore.SignalR.Client, Microsoft.Bcl.AsyncInterfaces, Microsoft.Data.Sqlite, Microsoft.Data.Sqlite.Core, Microsoft.EntityFrameworkCore, Microsoft.EntityFrameworkCore.Design, Microsoft.EntityFrameworkCore.InMemory, Microsoft.EntityFrameworkCore.SqlServer, Microsoft.EntityFrameworkCore.Sqlite, Microsoft.Extensions.Caching.Abstractions, Microsoft.Extensions.Configuration.Abstractions, Microsoft.Extensions.Options.ConfigurationExtensions)
• Update swashbuckle-aspnetcore monorepo to 10.1.7 (patch) (Swashbuckle.AspNetCore, Swashbuckle.AspNetCore.Annotations)
• Update Terraform github.com/DFE-Digital/terraform-azurerm-container-apps-hosting to v2.6.4
• Update aquasecurity/trivy-action action to v0.35.0
• Update dependency BenchmarkDotNet to 0.15.8
• Update dependency FluentValidation to 12.1.1
• Update dependency hashicorp/terraform to v1.14.8
• Update dependency Microsoft.Azure.SignalR to 1.33.0
• Update dependency Microsoft.Identity.Client to 4.83.3
• Update dependency Microsoft.Identity.Web to 4.6.0
• Update dependency Microsoft.OpenApi to 2.7.2
• Update dependency Microsoft.Playwright to 1.58.0
• Update dependency NetEscapades.AspNetCore.SecurityHeaders to 1.3.1
• Update dependency System.IdentityModel.Tokens.Jwt to 8.17.0
• Lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• Update Terraform azurerm to v4.67.0

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package aquasecurity/trivy-action).

Files affected: .github/workflows/docker-test.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency AutoMapper to v15 [SECURITY]
• Pin dependencies (actions/cache, actions/checkout, actions/setup-dotnet, actions/setup-java, gittools/actions, mcr.microsoft.com/dotnet/aspnet, mcr.microsoft.com/dotnet/sdk)
• Update actions/checkout digest to 34e1148
• Update docker/build-push-action digest to 10e90e3
• Update docker/setup-buildx-action digest to 8d2750c
• Update github/codeql-action digest to 5c8a8a6
• Update dependency Asp.Versioning.Mvc to 8.1.1
• Update dependency FluentValidation.AspNetCore to 11.3.1
• Update dependency GovUK.Dfe.CoreLibs.AsyncProcessing to 1.0.13
• Update dependency GovUK.Dfe.CoreLibs.Security to 1.1.24
• Update dependency xunit.runner.visualstudio to 3.1.5
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

dockerfile (1)

Dockerfile (3)

• mcr.microsoft.com/dotnet/sdk 10.0-noble → [Updates: 10.0-noble]
• mcr.microsoft.com/dotnet/aspnet 10.0-azurelinux3.0 → [Updates: 10.0-azurelinux3.0]
• mcr.microsoft.com/dotnet/aspnet 10.0-noble → [Updates: 10.0-noble]

github-actions (4)

.github/workflows/build-test-template.yml (4)

• actions/checkout v4 → [Updates: v6, v4]
• actions/setup-dotnet v4 → [Updates: v5, v4]
• actions/setup-java v4 → [Updates: v5, v4]
• actions/cache v4 → [Updates: v5, v4]

.github/workflows/deploy.yml (7)

• actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v6, v4]
• DFE-Digital/deploy-azure-container-apps-action v5.2.1@8e72e403f05ff9da09668207eef1d79e1ce9d1a7
• DFE-Digital/deploy-azure-container-apps-action v5.2.1@8e72e403f05ff9da09668207eef1d79e1ce9d1a7
• DFE-Digital/deploy-azure-container-apps-action v5.2.1@8e72e403f05ff9da09668207eef1d79e1ce9d1a7
• ubuntu 24.04
• ubuntu 24.04
• ubuntu 24.04

.github/workflows/docker-test.yml (5)

• actions/checkout v4@11bd71901bbe5b1630ceea73d27597364c9af683 → [Updates: v6, v4]
• docker/setup-buildx-action v3@e468171a9de216ec08956ac3ada2f0791b6bd435 → [Updates: v4, v3]
• docker/build-push-action v6@263435318d21b8e681c14492fe198d362a7d2c83 → [Updates: v7, v6]
• aquasecurity/trivy-action 0.34.2@97e0b3872f55f89b95b2f65b3dbab56962816478 → [Updates: v0.35.0]
• github/codeql-action v3@181d5eefc20863364f96762470ba6f862bdef56b → [Updates: v4, v3]

.github/workflows/pack-template.yml (3)

• actions/checkout v4 → [Updates: v6, v4]
• actions/setup-dotnet v4 → [Updates: v5, v4]
• gittools/actions v0.9 → [Updates: v0.9]

nuget (11)

src/Benchmarks/DfE.ExternalApplications.Benchmarks.csproj (1)

• BenchmarkDotNet 0.14.0 → [Updates: 0.15.8]

src/DfE.ExternalApplications.Api/DfE.ExternalApplications.Api.csproj (23)

• TimeZoneConverter 6.1.0 → [Updates: 7.2.0]
• Swashbuckle.AspNetCore.Annotations 10.1.4 → [Updates: 10.1.7]
• Swashbuckle.AspNetCore 10.1.4 → [Updates: 10.1.7]
• Microsoft.OpenApi 2.4.1 → [Updates: 2.4.3, 2.7.2, 3.5.1]
• Serilog.Sinks.ApplicationInsights 5.0.0
• Serilog.AspNetCore 10.0.0
• NSwag.MSBuild 14.6.3
• NSwag.AspNetCore 14.6.3
• NetEscapades.AspNetCore.SecurityHeaders 1.1.0 → [Updates: 1.3.1]
• Microsoft.FeatureManagement.AspNetCore 4.4.0
• Microsoft.Extensions.Azure 1.13.0 → [Updates: 1.13.1]
• Microsoft.EntityFrameworkCore.SqlServer 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore.Design 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore 10.0.3 → [Updates: 10.0.5]
• Microsoft.Bcl.AsyncInterfaces 10.0.3 → [Updates: 10.0.5]
• Microsoft.Azure.SignalR 1.32.0 → [Updates: 1.33.0]
• Microsoft.AspNetCore.HeaderPropagation 10.0.3 → [Updates: 10.0.5]
• Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore 10.0.3 → [Updates: 10.0.5]
• Microsoft.ApplicationInsights.AspNetCore 2.23.0 → [Updates: 3.0.0]
• GovUK.Dfe.CoreLibs.Http 1.0.10 → [Updates: 1.0.11]
• Azure.Messaging.ServiceBus 7.20.1
• Asp.Versioning.Mvc.ApiExplorer 8.1.0 → [Updates: 8.1.1]
• Asp.Versioning.Mvc 8.1.0 → [Updates: 8.1.1]

src/DfE.ExternalApplications.Application/DfE.ExternalApplications.Application.csproj (15)

• System.IdentityModel.Tokens.Jwt 8.10.0 → [Updates: 8.17.0]
• Scrutor 4.2.2 → [Updates: 7.0.0]
• Microsoft.Extensions.Configuration.Abstractions 10.0.0 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore 10.0.3 → [Updates: 10.0.5]
• FluentValidation.AspNetCore 11.3.0 → [Updates: 11.3.1]
• FluentValidation 12.0.0 → [Updates: 12.1.1]
• GovUK.Dfe.CoreLibs.Utilities 1.0.16
• GovUK.Dfe.CoreLibs.Security 1.1.24-prerelease-3 → [Updates: 1.1.24]
• GovUK.Dfe.CoreLibs.Notifications 0.1.6-prerelease-42 → [Updates: 0.1.6]
• GovUK.Dfe.CoreLibs.Messaging.MassTransit 0.1.3
• GovUK.Dfe.CoreLibs.Messaging.Contracts 0.1.3 → [Updates: 0.1.5]
• GovUK.Dfe.CoreLibs.FileStorage 0.1.5-prerelease-36 → [Updates: 0.1.5]
• GovUK.Dfe.CoreLibs.Email 0.1.1
• GovUK.Dfe.CoreLibs.AsyncProcessing 1.0.12 → [Updates: 1.0.13]
• AutoMapper 14.0.0 → [Updates: 15.1.3]

src/DfE.ExternalApplications.Domain/DfE.ExternalApplications.Domain.csproj (6)

• Newtonsoft.Json 13.0.4
• Microsoft.Extensions.Caching.Abstractions 10.0.0 → [Updates: 10.0.5]
• MediatR 12.5.0 → [Updates: 14.1.0]
• FluentValidation 12.0.0 → [Updates: 12.1.1]
• GovUK.Dfe.CoreLibs.Contracts 1.0.56 → [Updates: 1.0.57]
• GovUK.Dfe.CoreLibs.Caching 1.0.13

src/DfE.ExternalApplications.Infrastructure/DfE.ExternalApplications.Infrastructure.csproj (9)

• Microsoft.Playwright 1.49.0 → [Updates: 1.58.0]
• Microsoft.Identity.Web 4.3.0 → [Updates: 4.6.0]
• Microsoft.Extensions.Options.ConfigurationExtensions 10.0.0 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore.SqlServer 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore.Sqlite 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore.Design 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore 10.0.3 → [Updates: 10.0.5]
• Microsoft.AspNetCore.Authentication.JwtBearer 10.0.3 → [Updates: 10.0.5]
• GovUK.Dfe.CoreLibs.Security 1.1.24-prerelease-3 → [Updates: 1.1.24]

src/GovUK.Dfe.ExternalApplications.Api.Client/GovUK.Dfe.ExternalApplications.Api.Client.csproj (7)

• Microsoft.AspNetCore.Authentication.OpenIdConnect 10.0.3 → [Updates: 10.0.5]
• Microsoft.AspNetCore.Authentication.OpenIdConnect 8.0.14 → [Updates: 8.0.25, 10.0.5]
• System.IdentityModel.Tokens.Jwt 8.10.0 → [Updates: 8.17.0]
• Newtonsoft.Json 13.0.3 → [Updates: 13.0.4]
• Microsoft.Identity.Client 4.72.1 → [Updates: 4.83.3]
• GovUK.Dfe.CoreLibs.Http 1.0.10 → [Updates: 1.0.11]
• GovUK.Dfe.CoreLibs.Contracts 1.0.54 → [Updates: 1.0.57]

src/Tests/DfE.ExternalApplications.Api.Tests.Integration/DfE.ExternalApplications.Api.Tests.Integration.csproj (5)

• Microsoft.AspNetCore.SignalR.Client 10.0.3 → [Updates: 10.0.5]
• xunit.runner.visualstudio 3.1.0 → [Updates: 3.1.5]
• Microsoft.Data.Sqlite 10.0.3 → [Updates: 10.0.5]
• coverlet.collector 6.0.4 → [Updates: 8.0.1]
• xunit 2.9.3

src/Tests/DfE.ExternalApplications.Api.Tests/DfE.ExternalApplications.Api.Tests.csproj (6)

• xunit.runner.visualstudio 3.1.0 → [Updates: 3.1.5]
• AutoFixture.Xunit2 4.18.1
• AutoFixture.AutoNSubstitute 4.18.1
• AutoFixture 4.18.1
• xunit 2.9.3
• coverlet.collector 6.0.4 → [Updates: 8.0.1]

src/Tests/DfE.ExternalApplications.Application.Tests/DfE.ExternalApplications.Application.Tests.csproj (6)

• xunit.runner.visualstudio 3.1.0 → [Updates: 3.1.5]
• FluentAssertions 7.0.0
• AutoFixture 4.18.1
• xunit 2.9.3
• Microsoft.EntityFrameworkCore.InMemory 10.0.3 → [Updates: 10.0.5]
• coverlet.collector 6.0.4 → [Updates: 8.0.1]

src/Tests/DfE.ExternalApplications.Domain.Tests/DfE.ExternalApplications.Domain.Tests.csproj (3)

• xunit.runner.visualstudio 3.1.0 → [Updates: 3.1.5]
• xunit 2.9.3
• coverlet.collector 6.0.4 → [Updates: 8.0.1]

src/Tests/DfE.ExternalApplications.Tests.Common/DfE.ExternalApplications.Tests.Common.csproj (12)

• xunit 2.9.3
• Moq 4.20.72
• MockQueryable.NSubstitute 7.0.3 → [Updates: 10.0.5]
• Microsoft.NET.Test.Sdk 17.14.0 → [Updates: 17.14.1, 18.3.0]
• Microsoft.EntityFrameworkCore.Sqlite 10.0.3 → [Updates: 10.0.5]
• Microsoft.EntityFrameworkCore 10.0.3 → [Updates: 10.0.5]
• Microsoft.Data.Sqlite.Core 10.0.3 → [Updates: 10.0.5]
• Microsoft.AspNetCore.Mvc.Testing 10.0.3 → [Updates: 10.0.5]
• GovUK.Dfe.CoreLibs.Testing 1.1.23-prerelease-29 → [Updates: 1.1.23]
• AutoFixture.Xunit2 4.18.1
• AutoFixture.AutoNSubstitute 4.18.1
• AutoFixture 4.18.1

renovate-config-presets (1)

renovate.json

terraform (5)

terraform/container-apps-hosting.tf (1)

• github.com/DFE-Digital/terraform-azurerm-container-apps-hosting v2.6.3 → [Updates: v2.6.4]

terraform/key-vault-tfvars-secrets.tf (1)

• github.com/DFE-Digital/terraform-azurerm-key-vault-tfvars v0.5.2

terraform/providers.tf

terraform/statuscake-tls-monitor.tf (1)

• github.com/dfe-digital/terraform-statuscake-tls-monitor v0.1.5

terraform/versions.tf (4)

• azapi ~> 1.13 → [Updates: ~> 2.0]
• azurerm ~> 4.0 → [Updates: ~> 4.0]
• statuscake ~> 2.1
• hashicorp/terraform ~> 1.9

terraform-version (1)

terraform/.terraform-version (1)

• hashicorp/terraform 1.10.5 → [Updates: 1.14.8]

---

• Check this box to trigger a request for Renovate to run again on this repository