Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update build tools to v2.5.0
• chore(deps): update github actions (aquasecurity/setup-trivy, aquasecurity/trivy, github/codeql-action)
• chore(deps): update node.js to v24.16.0
• fix(deps): update fastify ecosystem (major) (@fastify/compress, @fastify/env, @fastify/rate-limit)
• chore(deps): lock file maintenance
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update database to v12.10.1

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update actions/checkout digest to df4cb1c
• chore(deps): update docker/login-action digest to 650006c
• chore(deps): update docker/metadata-action digest to 80c7e94
• chore(deps): update docker/setup-buildx-action digest to d7f5e7f
• chore(deps): update release-drafter/release-drafter digest to 693d20e
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

bun (1)

package.json (102)

• @fastify/auth ^5.0.2
• @fastify/autoload ^6.3.0
• @fastify/compress ^8.0.1 → [Updates: ^9.0.0]
• @fastify/cookie ^11.0.2
• @fastify/cors ^11.0.1
• @fastify/env ^6.0.0 → [Updates: ^7.0.0]
• @fastify/formbody ^8.0.2
• @fastify/helmet ^13.0.1
• @fastify/rate-limit ^10.2.2 → [Updates: ^11.0.0]
• @fastify/sensible ^6.0.3
• @fastify/session ^11.1.0
• @fastify/swagger ^9.5.1
• @fastify/vite ^9.0.0
• @scalar/fastify-api-reference ^1.34.2
• close-with-grace ^2.2.0
• cron-parser ^5.3.1
• discord.js ^14.19.2
• eventsource ^4.1.0
• fast-xml-parser ^5.2.2
• fastify ^5.6.1
• fastify-sse-v2 ^4.2.1
• fastify-zod-openapi ^5.5.0
• knex ^3.1.0
• p-limit ^7.1.0
• pg ^8.16.0
• pino ^10.1.0
• pino-pretty ^13.1.1
• rotating-file-stream ^3.2.6
• safe-regex2 ^5.0.0
• semver ^7.7.1
• toad-scheduler ^4.0.0
• zod ^4.0.17
• @biomejs/biome ^2.4.16 → [Updates: ^2.5.0]
• @commitlint/cli ^21.0.0
• @commitlint/config-conventional ^21.0.0
• @epic-web/invariant ^1.0.0
• @hookform/resolvers ^5.2.1
• @radix-ui/react-accordion ^1.2.8
• @radix-ui/react-alert-dialog ^1.1.11
• @radix-ui/react-aspect-ratio ^1.1.4
• @radix-ui/react-avatar ^1.1.10
• @radix-ui/react-checkbox ^1.2.3
• @radix-ui/react-collapsible ^1.1.11
• @radix-ui/react-dialog ^1.1.14
• @radix-ui/react-dropdown-menu ^2.1.12
• @radix-ui/react-hover-card ^1.1.11
• @radix-ui/react-label ^2.1.4
• @radix-ui/react-popover ^1.1.11
• @radix-ui/react-progress ^1.1.4
• @radix-ui/react-radio-group ^1.3.4
• @radix-ui/react-scroll-area ^1.2.6
• @radix-ui/react-select ^2.2.2
• @radix-ui/react-separator ^1.1.4
• @radix-ui/react-slider ^1.3.2
• @radix-ui/react-slot ^1.2.3
• @radix-ui/react-switch ^1.2.2
• @radix-ui/react-tabs ^1.1.9
• @radix-ui/react-toast ^1.2.11
• @radix-ui/react-tooltip ^1.2.7
• @tailwindcss/postcss ^4.1.10
• @tanstack/react-query ^5.90.12
• @tanstack/react-table ^8.21.3
• @types/pg ^8.15.4
• @types/react ^19.1.10
• @types/react-dom ^19.1.7
• @types/semver ^7.7.0
• @types/turndown ^5.0.5
• @vitejs/plugin-react ^6.0.0
• @vitest/coverage-istanbul ^4.0.18
• @vitest/ui ^4.0.0
• autoprefixer ^10.4.20
• bun-types ^1.3.9
• class-variance-authority ^0.7.1
• clsx ^2.1.1
• cmdk ^1.1.1
• date-fns ^4.1.0
• embla-carousel-react ^8.6.0
• fastify-cli ^8.0.0
• fastify-tsconfig ^3.0.0
• husky ^9.1.7
• lucide-react ^1.0.0
• msw ^2.11.5
• next-themes ^0.4.6
• postcss ^8.5.10
• react ^19.1.1
• react-dom ^19.1.1
• react-hook-form ^7.62.0
• react-router-dom ^7.8.0
• recharts ^2.15.3
• rimraf ^6.1.0
• sonner ^2.0.5
• tailwind-merge ^3.3.1
• tailwindcss ^4.1.10
• tsc-alias ^1.8.15
• turndown ^7.2.0
• tw-animate-css ^1.3.6
• typescript ^6.0.0
• vaul ^1.1.2
• vite ^8.0.0
• vite-plugin-compression2 ^2.5.3
• vitest ^4.0.0
• zustand ^5.0.3

bun-version (1)

.bun-version (1)

• Bun 1.3.14

docker-compose (1)

docker-compose.migration.yml

dockerfile (2)

dockerfile (1)

• oven/bun 1.3.14-alpine@sha256:5acc90a93e91ff07bf72aa90a7c9f0fa189765aec90b47bdbf2152d2196383c0

dockerfile.node (2)

• node 24.15.0-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f → [Updates: 24.16.0-alpine]
• node 24.15.0-alpine@sha256:d1b3b4da11eefd5941e7f0b9cf17783fc99d9c6fc34884a665f40a06dbdfc94f → [Updates: 24.16.0-alpine]

github-actions (8)

.github/workflows/ci.yml (4)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• oven-sh/setup-bun v2@0c5077e51419868618aeaa5fe8019c62421857d6
• actions/cache v5@27d5ce7f107fe9357f9df03efb73ab90386fccae
• biomejs/setup-biome v2@4c91541eaada48f67d7dbd7833600ce162b68f51

.github/workflows/codeql.yml (3)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• github/codeql-action v4.35.4@68bde559dea0fdcac2102bfdf6230c5f70eb485e → [Updates: v4.36.2]
• github/codeql-action v4.35.4@68bde559dea0fdcac2102bfdf6230c5f70eb485e → [Updates: v4.36.2]

.github/workflows/deploy-docs-production.yml (3)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• oven-sh/setup-bun v2@0c5077e51419868618aeaa5fe8019c62421857d6
• actions/setup-node v6@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e

.github/workflows/discord-releases-beta.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• SethCohen/github-releases-to-discord v1.20.0@24d166886aee4646d448c8a389ff9e1ebcab3682

.github/workflows/discord-releases.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• SethCohen/github-releases-to-discord v1.20.0@24d166886aee4646d448c8a389ff9e1ebcab3682

.github/workflows/docker-build.yml (35)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf → [Updates: v6]
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd → [Updates: v4]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• docker/build-push-action v7@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf → [Updates: v6]
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd → [Updates: v4]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf → [Updates: v6]
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd → [Updates: v4]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• docker/build-push-action v7@f9f3042f7e2789586610d6e8b85c8f03e5195baf
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• docker/metadata-action v6@030e881283bb7a6894de51c315a6bfe6a94e05cf → [Updates: v6]
• docker/setup-buildx-action v4@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd → [Updates: v4]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• sigstore/cosign-installer v4.1.2@6f9f17788090df1f26f669e9d70d6ae9567deba6
• aquasecurity/setup-trivy v0.2.6@3fb12ec12f41e471780db15c232d5dd185dcb514 → [Updates: v0.3.1]
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• sigstore/cosign-installer v4.1.2@6f9f17788090df1f26f669e9d70d6ae9567deba6
• docker/login-action v4@4907a6ddec9925e35a0a9e82d7399ccc52663121 → [Updates: v4]
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4.35.4@68bde559dea0fdcac2102bfdf6230c5f70eb485e → [Updates: v4.36.2]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• oven-sh/setup-bun v2@0c5077e51419868618aeaa5fe8019c62421857d6
• release-drafter/release-drafter v7@c2e2804cc59f45f57076a99af580d0fedb697927 → [Updates: v7]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• aquasecurity/trivy v0.71.0 → [Updates: v0.71.0]
• aquasecurity/trivy v0.71.0 → [Updates: v0.71.0]

.github/workflows/release-drafter.yml (1)

• release-drafter/release-drafter v7@c2e2804cc59f45f57076a99af580d0fedb697927 → [Updates: v7]

.github/workflows/trivy-scan.yml (10)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/cache v5@27d5ce7f107fe9357f9df03efb73ab90386fccae
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4.35.4@68bde559dea0fdcac2102bfdf6230c5f70eb485e → [Updates: v4.36.2]
• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/cache v5@27d5ce7f107fe9357f9df03efb73ab90386fccae
• aquasecurity/trivy-action v0.36.0@ed142fd0673e97e23eac54620cfb913e5ce36c25
• github/codeql-action v4.35.4@68bde559dea0fdcac2102bfdf6230c5f70eb485e → [Updates: v4.36.2]
• aquasecurity/trivy v0.71.0 → [Updates: v0.71.0]
• aquasecurity/trivy v0.71.0 → [Updates: v0.71.0]

npm (2)

docs/package.json

packages/better-sqlite3-bun/package.json

nvm (1)

.nvmrc (1)

• node 24.15.0 → [Updates: 24.16.0]

regex (3)

biome.json (1)

• @biomejs/biome 2.4.16 → [Updates: 2.5.0]

dockerfile.node (1)

• better-sqlite3 12.10.0 → [Updates: 12.10.1]

dockerfile.node (1)

• tsx 4.22.4

---

• Check this box to trigger a request for Renovate to run again on this repository