Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• Update all non major NPM dependencies (axe-core, govuk-frontend, lint-staged)

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update actions/checkout digest to df4cb1c
• Update dependency concurrently to v10
• Update dependency redis to v6
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• Update dependency applicationinsights to v3
• Update dependency diff to v9
• Update redis Docker tag to v8

Detected Dependencies

docker-compose (2)

docker-compose-test.yml (2)

• redis 7.4 → [Updates: 8.8]
• gotenberg/gotenberg 8

docker-compose.yml (2)

• redis 7.4 → [Updates: 8.8]
• gotenberg/gotenberg 8

dockerfile (2)

Dockerfile (2)

• ghcr.io/ministryofjustice/hmpps-node 24-alpine
• ghcr.io/ministryofjustice/hmpps-node 24-alpine-runtime

maintenance_pages/Dockerfile (1)

• nginx 1.31

github-actions (9)

.github/workflows/deploy_to_env.yml (2)

• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2

.github/workflows/node_integration_tests_redis.yml (8)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• actions/cache v5.0.5@27d5ce7f107fe9357f9df03efb73ab90386fccae
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• dorny/test-reporter v3@a43b3a5f7366b97d083190328d2c652e1a8b6aa2
• actions/github-script v9@3a2844b7e9c422d3c10d287c895573f7108da1b3
• redis 7.4 → [Updates: 8.8]

.github/workflows/pipeline.yml (7)

• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2
• ministryofjustice/hmpps-github-actions v2

.github/workflows/security_codeql_actions_scan.yml (1)

• ministryofjustice/hmpps-github-actions v2

.github/workflows/security_codeql_scan.yml (1)

• ministryofjustice/hmpps-github-actions v2

.github/workflows/security_npm_dependency.yml (1)

• ministryofjustice/hmpps-github-actions v2

.github/workflows/security_veracode_pipeline_scan.yml (1)

• ministryofjustice/hmpps-github-actions v2

.github/workflows/security_veracode_policy_scan.yml (1)

• ministryofjustice/hmpps-github-actions v2

.github/workflows/smoke_tests.yml (3)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6]
• actions/setup-node v6.4.0@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a

helm-values (1)

helm_deploy/send-legal-mail-to-prisons/values.yaml (1)

• gotenberg/gotenberg 8

helmv3 (1)

helm_deploy/send-legal-mail-to-prisons/Chart.yaml (3)

• generic-service 3.17
• generic-service 3.17
• generic-prometheus-alerts 1.17

npm (2)

package.json (76)

• @ministryofjustice/frontend ^9.0.0
• @ministryofjustice/hmpps-monitoring 2.1.0
• accessible-autocomplete ^3.0.1
• agentkeepalive ^4.6.0
• applicationinsights ^2.9.8 → [Updates: ^3.15.0]
• bunyan ^1.8.15
• bunyan-format ^0.2.1
• bwip-js ^4.11.1
• canvas 3.2.3
• compression ^1.8.1
• connect-flash ^0.1.1
• connect-redis ^9.0.0
• cookie-parser ^1.4.7
• cookie-session ^2.1.1
• csrf-sync ^4.2.1
• dotenv ^17.4.2
• express ^5.2.1
• express-session ^1.19.0
• govuk-frontend ^6.1.0 → [Updates: ^6.2.0]
• helmet ^8.2.0
• http-errors ^2.0.1
• jquery ^4.0.0
• jsonwebtoken ^9.0.3
• jwt-decode ^4.0.0
• moment ^2.30.1
• nocache ^4.0.0
• nunjucks ^3.2.4
• passport ^0.7.0
• passport-oauth2 ^1.8.0
• redis ^5.12.1 → [Updates: ^6.0.0]
• superagent 10.3.0
• @ministryofjustice/eslint-config-hmpps ^1.0.3
• @ministryofjustice/hmpps-npm-script-allowlist 0.0.6
• @tsconfig/node24 ^24.0.4
• @types/bunyan ^1.8.11
• @types/bunyan-format ^0.2.9
• @types/bwip-js 3.2.3
• @types/compression ^1.8.1
• @types/connect-flash 0.0.40
• @types/cookie-parser ^1.4.10
• @types/cookie-session ^2.0.49
• @types/express-session ^1.19.0
• @types/http-errors ^2.0.5
• @types/jest ^30.0.0
• @types/jsdom ^28.0.3
• @types/jsonwebtoken ^9.0.10
• @types/node ^24.12.4 → [Updates: ^24.13.1]
• @types/nunjucks ^3.2.6
• @types/passport ^1.0.17
• @types/passport-oauth2 ^1.8.0
• @types/superagent ^8.1.10
• @types/supertest ^7.2.0
• audit-ci ^7.1.0
• axe-core ^4.11.4 → [Updates: ^4.12.0]
• cheerio ^1.2.0
• concurrently ^9.2.1 → [Updates: ^10.0.0]
• cypress ^15.16.0
• cypress-axe ^1.7.0
• cypress-multi-reporters ^2.0.5
• husky ^9.1.7
• jest ^30.4.2
• jest-environment-jsdom ^30.4.1
• jest-html-reporter ^4.4.0
• jest-junit ^17.0.0
• lint-staged ^17.0.6 → [Updates: ^17.0.7]
• mocha-junit-reporter ^2.2.1
• nock ^14.0.15
• nodemon ^3.1.14
• prettier ^3.8.3
• redis-mock ^0.56.3
• sass 1.100.0
• supertest 7.2.2
• ts-jest ^29.4.11
• typescript ^6.0.3
• diff ^8.0.4 → [Updates: ^9.0.0]
• serialize-javascript ^7.0.5

smoke_tests/package.json (11)

• typescript ^6.0.3
• @ministryofjustice/hmpps-npm-script-allowlist 0.0.6
• axe-core ^4.11.4 → [Updates: ^4.12.0]
• cypress ^15.16.0
• cypress-axe ^1.7.0
• cypress-multi-reporters ^2.0.5
• jsonwebtoken ^9.0.3
• mocha-junit-reporter ^2.2.1
• superagent ^10.3.0
• diff ^8.0.4 → [Updates: ^9.0.0]
• serialize-javascript ^7.0.5

nvm (2)

.nvmrc (1)

• node 24

smoke_tests/.nvmrc (1)

• node 24

---

• Check this box to trigger a request for Renovate to run again on this repository