Dependency Dashboard

[fro-bot]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (2)

Datasource	Package	Last Updated
npm	@octokit/webhooks-types	2024-10-03
npm	@semantic-release/git	2021-10-30

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• build(dev): update dependency typescript to v6

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(dev): update dependency @types/node to v24.12.0
• build(deps): maintain lockfiles
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• build(dev): update dependency tsdown to v0.21.6
• build(deps): update dependency oh-my-openagent to v3.14.0

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(dev): update dependency @vitest/eslint-plugin to v1.6.13
• chore(dev): update dependency vitest to v4.1.1
• ci(deps): update github/codeql-action action to v4.35.1
• build(deps): update dependency @opencode-ai/sdk to v1.3.0
• chore(deps): update pnpm to v10.33.0
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

github-actions (10)

.github/actions/setup/action.yaml (2)

• pnpm/action-setup v5.0.0@fc06bc1257f339d1d5d8b3a19a8cae5388b55320
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f

.github/workflows/auto-release.yaml (2)

• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/ci.yaml (12)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• dorny/paths-filter v4.0.1@fbd0ab8f3e69293af611ebaee6363fc25e6d187d
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/dependency-review-action v4.9.0@2031cfc080254a8a887f58cffee85186f0e49e48
• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/codeql-analysis.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• github/codeql-action v4.35.0@b8bb9f28b8d3f992092362369c57161b755dea45 → [Updates: v4.35.1]
• github/codeql-action v4.35.0@b8bb9f28b8d3f992092362369c57161b755dea45 → [Updates: v4.35.1]
• github/codeql-action v4.35.0@b8bb9f28b8d3f992092362369c57161b755dea45 → [Updates: v4.35.1]

.github/workflows/copilot-setup-steps.yaml (1)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/fro-bot.yaml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f

.github/workflows/prepare-release-pr.yaml (2)

• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd

.github/workflows/renovate.yaml (1)

• bfra-me/.github v4.14.2@149be573ed167efe00af8441a647cdb2247fac33

.github/workflows/scorecard.yaml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• ossf/scorecard-action v2.4.3@4eaacf0543bb3f2c246792bd56e8cdeffafb205a
• actions/upload-artifact v7.0.0@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
• github/codeql-action v4.35.0@b8bb9f28b8d3f992092362369c57161b755dea45 → [Updates: v4.35.1]

.github/workflows/update-repo-settings.yaml (1)

• bfra-me/.github v4.14.2@149be573ed167efe00af8441a647cdb2247fac33

nodenv (1)

.node-version (1)

• node 24.14.1

npm (1)

package.json (32)

• @actions/cache 6.0.0
• @actions/core 3.0.0
• @actions/exec 3.0.0
• @actions/github 9.0.0
• @actions/tool-cache 4.0.0
• @bfra.me/es 0.1.0
• @octokit/auth-app 8.2.0
• @opencode-ai/sdk 1.2.27 → [Updates: 1.3.0]
• @bfra.me/eslint-config 0.50.1
• @bfra.me/prettier-config 0.16.7
• @bfra.me/tsconfig 0.12.2
• @octokit/webhooks-types 7.6.1
• @semantic-release/exec 7.1.0
• @semantic-release/git 10.0.1
• @types/node 24.10.13 → [Updates: 24.12.0]
• @vitest/eslint-plugin 1.6.12 → [Updates: 1.6.13]
• conventional-changelog-conventionalcommits 9.3.0
• eslint 10.1.0
• eslint-config-prettier 10.1.8
• eslint-plugin-prettier 5.5.5
• generate-license-file 4.1.1
• jiti 2.6.1
• js-yaml 4.1.1
• lint-staged 16.4.0
• prettier 3.8.1
• read-package-up 12.0.0
• semantic-release 25.0.3
• simple-git-hooks 2.13.1
• tsdown 0.21.4 → [Updates: 0.21.6]
• typescript 5.9.3 → [Updates: 6.0.2]
• vitest 4.1.0 → [Updates: 4.1.1]
• pnpm 10.32.1 → [Updates: 10.33.0]

regex (3)

src/shared/constants.ts (1)

• oh-my-openagent 3.12.3 → [Updates: 3.14.0]

src/shared/constants.ts (1)

• anomalyco/opencode 1.3.3

src/shared/constants.ts (1)

• oven-sh/bun 1.3.11

renovate-config-presets (1)

.github/renovate.json5

---

• Check here to trigger a Renovate run on this repository