Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Pending Approval

The following branches are pending approval. To create them, click on a checkbox below.

• chore(deps): update ghcr.io/astral-sh/uv docker tag to v0.9.30
• chore(deps): update ncipollo/release-action action to v1.21.0
• chore(deps): update python docker tag to v3.14
• 🔐 Create all pending approval PRs at once 🔐

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• chore(deps): lock file maintenance

Detected Dependencies

devcontainer (1)

.devcontainer/devcontainer.json (5)

• mcr.microsoft.com/devcontainers/python 3.14
• ghcr.io/devcontainers/features/github-cli 1
• ghcr.io/devcontainers/features/copilot-cli 1
• ghcr.io/devcontainers/features/node 1
• ghcr.io/devcontainers/features/docker-in-docker 2

dockerfile (1)

docker/Dockerfile (2)

• ghcr.io/astral-sh/uv 0.9.24-python3.12-bookworm-slim → [Updates: 0.9.30-python3.12-bookworm-slim]
• python 3.12-slim → [Updates: 3.14-slim]

github-actions (16)

.github/workflows/copilot-setup-steps.yml (3)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• astral-sh/uv 0.10.10

.github/workflows/renovate_rhiza_sync.yml (2)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0

.github/workflows/rhiza_benchmarks.yml (5)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/upload-artifact v7.0.0
• benchmark-action/github-action-benchmark v1
• astral-sh/uv 0.10.10

.github/workflows/rhiza_book.yml (6)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/upload-artifact v7.0.0
• actions/upload-pages-artifact v4.0.0
• actions/deploy-pages v4.0.5
• astral-sh/uv 0.10.10

.github/workflows/rhiza_ci.yml (9)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• astral-sh/uv 0.10.10
• astral-sh/uv 0.10.10
• astral-sh/uv 0.10.10

.github/workflows/rhiza_codeql.yml (3)

• actions/checkout v6.0.2
• github/codeql-action v4.32.6
• github/codeql-action v4.32.6

.github/workflows/rhiza_deptry.yml (2)

• actions/checkout v6.0.2
• ghcr.io/astral-sh/uv 0.9.30-bookworm

.github/workflows/rhiza_devcontainer.yml (3)

• actions/checkout v6.0.2
• docker/login-action v4.0.0
• devcontainers/ci v0.3

.github/workflows/rhiza_docker.yml (6)

• actions/checkout v6.0.2
• hadolint/hadolint-action v3.3.0
• docker/setup-buildx-action v4.0.0
• aquasecurity/trivy-action 0.35.0
• github/codeql-action v4
• actions/upload-artifact v7.0.0

.github/workflows/rhiza_gh-aw-validate.yml (1)

• actions/checkout v6

.github/workflows/rhiza_marimo.yml (5)

• actions/checkout v6.0.2
• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/upload-artifact v7.0.0
• astral-sh/uv 0.10.10

.github/workflows/rhiza_pre-commit.yml (2)

• actions/checkout v6.0.2
• actions/cache v5

.github/workflows/rhiza_release.yml (20)

• actions/checkout v6.0.2
• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/setup-python v6.2.0
• actions/attest v4.1.0
• actions/upload-artifact v7.0.0
• actions/attest-build-provenance v4
• actions/upload-artifact v7.0.0
• actions/download-artifact v8.0.1
• ncipollo/release-action v1.20.0 → [Updates: v1.21.0]
• actions/checkout v6.0.2
• actions/download-artifact v8.0.1
• actions/checkout v6.0.2
• docker/login-action v4.0.0
• devcontainers/ci v0.3
• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• actions/setup-python v6.2.0
• astral-sh/uv 0.10.10
• astral-sh/uv 0.10.10

.github/workflows/rhiza_security.yml (2)

• actions/checkout v6.0.2
• ghcr.io/astral-sh/uv 0.9.30-bookworm

.github/workflows/rhiza_sync.yml (3)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• peter-evans/create-pull-request v8.1.0

.github/workflows/rhiza_validate.yml (3)

• actions/checkout v6.0.2
• astral-sh/setup-uv v7.5.0
• astral-sh/uv 0.10.10

gitlabci (9)

.gitlab-ci.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_book.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_ci.yml (2)

• ghcr.io/astral-sh/uv 0.9.30-bookworm
• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_deptry.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_marimo.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_pre-commit.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_release.yml (2)

• ghcr.io/astral-sh/uv 0.9.30-bookworm
• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_sync.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

.gitlab/workflows/rhiza_validate.yml (1)

• ghcr.io/astral-sh/uv 0.9.30-bookworm

pep621 (1)

pyproject.toml (5)

• marimo >=0.18.0,<1.0
• numpy >=2.4.0,<3.0
• plotly >=6.5.0,<7.0
• pandas >=3,<3.1
• pyyaml >=6.0,<7.0

pre-commit (1)

.pre-commit-config.yaml (9)

• pre-commit/pre-commit-hooks v6.0.0
• astral-sh/ruff-pre-commit v0.15.6
• igorshubovych/markdownlint-cli v0.48.0
• python-jsonschema/check-jsonschema 0.37.0
• rhysd/actionlint v1.7.11
• abravalheri/validate-pyproject v0.25
• PyCQA/bandit 1.9.4
• astral-sh/uv-pre-commit 0.10.10
• Jebel-Quant/rhiza-hooks v0.3.0

---

• Check this box to trigger a request for Renovate to run again on this repository