Dependency Dashboard

[agntcy-automation]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Package lookup failures

---

Warning

Renovate failed to look up the following dependencies: Failed to look up pypi package agntcy-dir-grpc-python, Failed to look up pypi package agntcy-dir-protocolbuffers-python.

Files affected: pyproject.toml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency authlib to v1.6.11 [security]
• chore(deps): update dependency pytest to v9.0.3 [security]
• chore(deps): update dependency astral-sh/uv to v0.11.10
• chore(deps): update github actions (actions/checkout, actions/create-github-app-token, actions/dependency-review-action, actions/setup-node, docker/login-action, github/codeql-action, step-security/harden-runner, super-linter/super-linter, webiny/action-conventional-commits)
• chore(deps): lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

2/2 CVEs have Renovate fixes.

pep621

pyproject.toml

authlib

• GHSA-jj8c-mmj3-mmgv (fixed in >= 1.6.11)

pytest

• GHSA-6w46-j5rx-g56g (fixed in >= 9.0.3)

Detected Dependencies

github-actions (8)

.github/workflows/ci.yaml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• dorny/paths-filter v4.0.1@fbd0ab8f3e69293af611ebaee6363fc25e6d187d

.github/workflows/codeql.yml (5)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-python v6.2.0@a309ff8b426b58ec0e2a45f0f869d46889d02405
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4.35.3]
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13 → [Updates: v4.35.3]
• python 3.14

.github/workflows/conventional_commits.yml (3)

• step-security/harden-runner v2.11.0@4d991eb9b905ef189e4c376166672c3f2f230481 → [Updates: v2.19.1]
• actions/checkout v4 → [Updates: v4.3.1, v6.0.2, v4]
• webiny/action-conventional-commits v1.3.0 → [Updates: v1.4.2, v1.3.0]

.github/workflows/dependencies.yaml (7)

• actions/create-github-app-token v3.0.0@f8d387b68d61c58ab83c6c016672934102569859 → [Updates: v3.1.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• go-task/setup-task v2.0.0@3be4020d41929789a01026e0e427a4321ce0ad44
• actions/setup-node v6.3.0@53b83947a5a98c8d113130e565377fae1a50d02f → [Updates: v6.4.0]
• astral-sh/setup-uv v7.6.0@37802adc94f370d6bfd71619e3f0bf239e1f3b78 → [Updates: v8.1.0]
• node 24.x
• astral-sh/uv 0.11.6 → [Updates: 0.11.10]

.github/workflows/dependency.yml (3)

• step-security/harden-runner v2.11.0@4d991eb9b905ef189e4c376166672c3f2f230481 → [Updates: v2.19.1]
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332 → [Updates: v4.3.1, v6.0.2]
• actions/dependency-review-action v4.5.0@3b139cfc5fae8b618d3eae3675e383bb1769c019 → [Updates: v4.9.0, v5.0.0]

.github/workflows/lint.yml (3)

• step-security/harden-runner v2.11.0@4d991eb9b905ef189e4c376166672c3f2f230481 → [Updates: v2.19.1]
• actions/checkout v4.1.7@692973e3d937129bcbf40652eb9f2f61becf3332 → [Updates: v4.3.1, v6.0.2]
• super-linter/super-linter v7.2.1@85f7611e0f7b53c8573cca84aa0ed4344f6f6a4d → [Updates: v7.4.0, v8.6.0]

.github/workflows/reusable-release-sdk.yaml (2)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• go-task/setup-task v2.0.0@3be4020d41929789a01026e0e427a4321ce0ad44

.github/workflows/reusable-test-sdk.yaml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• docker/login-action v4.0.0@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 → [Updates: v4.1.0]
• go-task/setup-task v2.0.0@3be4020d41929789a01026e0e427a4321ce0ad44

pep621 (1)

pyproject.toml (11)

• python >=3.10
• agntcy-dir-grpc-python ==1.78.0.1.20260413212701+cb1fb6353ac1
• agntcy-dir-protocolbuffers-python ==34.0.0.1.20260413212701+cb1fb6353ac1
• authlib >=1.6.9 → [Updates: >=1.6.9]
• httpx >=0.28.1
• grpcio >=1.78.0
• pyasn1 >=0.6.3
• spiffe >=0.2.6
• spiffe-tls >=0.3.1
• pytest >=9.0.0 → [Updates: >=9.0.0]
• uuid >=1.30

pyenv (1)

.python-version (1)

• python 3.14