Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• Update bundler non-major dependencies (actioncable, active_storage_validations, aws-sdk-cognitoidentityprovider, aws-sdk-s3, bootsnap, faker, jbuilder, pg-aws_rds_iam, rails, rspec-rails, rubocop-rspec, selenium-webdriver, web-console)
• Update dependency rails-erd to v2
• Update dependency route_translator to v16
• Update Ruby language to v4 (registry.docker.com/library/ruby, ruby)
• Lock file maintenance
• 🔐 Create all awaiting schedule PRs at once 🔐

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency devise to v5.0.4 [SECURITY]
• Update dependency faraday to v2.14.2 [SECURITY]
• Update dependency jwt to v3.2.0 [SECURITY]
• Update dependency puma to v7 [SECURITY]
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

5/5 CVEs have Renovate fixes.

bundler

template/{{app_name}}/Gemfile

puma

• GHSA-2vqw-3mp8-cgmx (fixed in >= 7.2.1)
• GHSA-qpgp-93vx-g8v8 (fixed in >= 7.2.1)

devise

• GHSA-jp94-3292-c3xv (fixed in >= 5.0.4)

jwt

• GHSA-c32j-vqhx-rx3x (fixed in >= 3.2.0)

faraday

• GHSA-5rv5-xj5j-3484 (fixed in >= 2.14.2)

Detected Dependencies

bundler (1)

template/{{app_name}}/Gemfile (41)

• ruby 3.4.9 → [Updates: 4.0.5]
• rails "~> 8.0.5", ">= 8.0.5" → [Updates: "~> 8.1.0", ">= 8.1.3"]
• sprockets-rails lock file @ 3.5.2
• pg "~> 1.1"
• puma ">= 5.0" → [Updates: ">= 5.0"]
• cssbundling-rails "~> 1.4"
• importmap-rails lock file @ 2.2.3
• turbo-rails ">= 2.0"
• stimulus-rails lock file @ 1.3.4
• jbuilder lock file @ 2.14.1 → [Updates: undefined]
• route_translator lock file @ 15.2.0 → [Updates: undefined]
• bootsnap lock file @ 1.22.0 → [Updates: undefined]
• aws-sdk-cognitoidentityprovider "~> 1.88" → [Updates: "~> 1.88"]
• devise lock file @ 5.0.3 → [Updates: undefined]
• jwt lock file @ 3.1.2 → [Updates: undefined]
• pundit lock file @ 2.5.2
• pundit-matchers lock file @ 4.0.0
• rqrcode lock file @ 3.2.0
• aws-sdk-rails lock file @ 5.1.0
• aws-sdk-s3 lock file @ 1.213.0 → [Updates: undefined]
• active_storage_validations lock file @ 3.0.3 → [Updates: undefined]
• faraday lock file @ 2.14.1 → [Updates: undefined]
• faker "~> 3.2" → [Updates: "~> 3.2"]
• lookbook ">= 2.3.9"
• guard-rspec lock file @ 4.7.3
• dotenv lock file @ 3.2.0
• debug lock file @ 1.11.1
• factory_bot_rails lock file @ 6.5.1
• rspec-rails "~> 8.0.0" → [Updates: "~> 8.0.0"]
• listen lock file @ 3.10.0
• actioncable lock file @ 8.0.5 → [Updates: undefined]
• rubocop-rails-omakase lock file @ 1.1.0
• rubocop-rspec lock file @ 3.9.0 → [Updates: undefined]
• rubocop-rspec_rails lock file @ 2.32.0
• letter_opener lock file @ 1.10.0
• web-console lock file @ 4.2.1 → [Updates: undefined]
• rails-erd lock file @ 1.7.2 → [Updates: undefined]
• capybara lock file @ 3.40.0
• selenium-webdriver lock file @ 4.40.0 → [Updates: undefined]
• simplecov lock file @ 0.22.0
• pg-aws_rds_iam "~> 0.7.0" → [Updates: "~> 0.8.0"]

dockerfile (1)

template/{{app_name}}/Dockerfile (2)

• docker/dockerfile 1
• registry.docker.com/library/ruby 3.4.9-slim → [Updates: 4.0.5-slim]

github-actions (5)

.github/workflows/cd.yml (3)

• actions/checkout v6
• actions/setup-python v6
• python 3.14

.github/workflows/ci.yml

.github/workflows/create-or-update-test-pr.yml (3)

• actions/checkout v6
• actions/setup-python v6
• python 3.14

.github/workflows/template-smoke-test.yml (3)

• actions/checkout v6
• actions/setup-python v6
• python 3.14

template/.github/workflows/ci-{{app_name}}.yml.jinja (2)

• actions/checkout v6
• actions/checkout v6

regex (2)

template/{{app_name}}/Dockerfile (1)

• registry.docker.com/library/ruby 3.4.9 → [Updates: 4.0.5]

template/{{app_name}}/Dockerfile (1)

• registry.docker.com/library/ruby 3.4.9 → [Updates: 4.0.5]

renovate-config (1)

renovate.json

ruby-version (1)

template/{{app_name}}/.ruby-version (1)

• ruby 3.4.9 → [Updates: 4.0.5]

---

• Check this box to trigger a request for Renovate to run again on this repository