Dependency Dashboard

[renovate-sh-app]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Repository Problems

Renovate tried to run on this repository, but found these problems.

• ⚠️ WARN: Error updating branch: update failure
• ⚠️ WARN: Package lookup failures

Abandoned Dependencies

Note

Packages are marked as abandoned when they exceed the abandonmentThreshold since their last release. Unlike deprecated packages with official notices, abandonment is detected by release inactivity.

These dependencies have not received updates for an extended period and may be unmaintained:

View abandoned dependencies (5)

Datasource	Package	Last Updated
gomod	github.com/go-kit/log	2022-04-27
gomod	github.com/gogo/protobuf	2021-01-10
gomod	github.com/golang/snappy	2023-12-25
gomod	github.com/grafana/memberlist	2021-11-12
gomod	github.com/pkg/errors	2020-01-14

Errored

The following updates encountered an error and will be retried. To force a retry now, click on a checkbox below.

• chore(deps): pin dependencies (golangci/golangci-lint, grafana/writers-toolkit)

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• chore(deps): update softprops/action-gh-release action to v2.6.2
• chore(deps): update softprops/action-gh-release action to v3

---

Warning

Renovate failed to look up the following dependencies: Failed to look up github-tags package aquasecurity/trivy-action: no-result.

Files affected: .github/workflows/docker.yml

---

Other Branches

The following updates are pending. To force the creation of a PR, click on a checkbox below.

• chore(deps): lock file maintenance

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update actions/checkout digest to de0fac2
• chore(deps): update actions/setup-go digest to 4a36011
• chore(deps): update github.com/grafana/memberlist digest to 4887d8e
• chore(deps): update golang:1.26-alpine docker digest to c2a1f7b
• fix(deps): update github.com/grafana/dskit digest to 18c15d1
• fix(deps): update module github.com/grafana/loki/v3 to v3.7.1
• fix(deps): update module github.com/prometheus/prometheus to v0.311.1
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• fix(deps): update module github.com/grafana/loki/pkg/push to v0.4.0
• fix(deps): update module github.com/grafana/loki/pkg/push to v3

Vulnerabilities

Renovate has not found any CVEs on osv.dev.

Detected Dependencies

dockerfile (1)

Dockerfile (2)

• golang 1.26-alpine@sha256:2389ebfa5b7f43eeafbd6be0c3700cc46690ef842ad962f6c5bd6be49ed82039 → [Updates: 1.26-alpine]
• public.ecr.aws/lambda/provided al2023.2026.02.27.21@sha256:9ee3f032d4063febdf42a2a1f15149ce8358130753e48fcaf86eae731fab38ff

github-actions (7)

.github/workflows/cloudformation.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• scottbrenner/cfn-lint-action v2.6.0@9636da81fb2e0cef75725d8dda11b0148940b7ae

.github/workflows/docker.yml (3)

• actions/checkout v6@8e8c483db84b4bee98b60c0593521ed34d9990e8 → [Updates: v6]
• aquasecurity/trivy-action 0.35.0@97e0b3872f55f89b95b2f65b3dbab56962816478
• github/codeql-action v4.35.1@c10b8064de6f491fea524254123dbe5e09572f13

.github/workflows/docs-ci.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/changed-files v47.0.5@2e07db73e5ccdb319b9a6c7766bd46d39d304bad
• grafana/writers-toolkit main → [Updates: main]

.github/workflows/go.yml (4)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6]
• golangci/golangci-lint-action v9@1e7e51e771db61008b38414a730f564565cf7c20
• golangci/golangci-lint v2.11.4 → [Updates: v2.11.4]

.github/workflows/issues.yml

.github/workflows/publish-technical-documentation-next.yml (2)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• grafana/writers-toolkit publish-technical-documentation/v1@9aed4f7c5b3caa1b58d72ee39232333407d4acbf

.github/workflows/release.yml (5)

• actions/checkout v6@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/setup-go v6@4b73464bb391d4059bd26b0524d20df3927bd417 → [Updates: v6]
• grafana/shared-workflows aws-auth/v1.0.3@85022085ed5314601c05d10e846de56bdd71e369
• grafana/shared-workflows aws-auth/v1.0.3@85022085ed5314601c05d10e846de56bdd71e369
• softprops/action-gh-release v2.6.1@153bb8e04406b158c6c84fc1615b65b24149a1fe → [Updates: v2.6.2, v3.0.0]

gomod (1)

go.mod (21)

• go 1.25.7
• github.com/aws/aws-lambda-go v1.54.0
• github.com/aws/aws-sdk-go-v2 v1.41.5
• github.com/aws/aws-sdk-go-v2/config v1.32.14
• github.com/aws/aws-sdk-go-v2/service/s3 v1.99.0
• github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.41.5
• github.com/aws/aws-sdk-go-v2/service/ssm v1.68.4
• github.com/aws/smithy-go v1.24.3
• github.com/go-kit/log v0.2.1
• github.com/gogo/protobuf v1.3.2
• github.com/golang/snappy v1.0.0
• github.com/grafana/dskit v0.0.0-20260324093927-3167f499dfc0@3167f499dfc0 → [Updates: v0.0.0-20260324093927-3167f499dfc0]
• github.com/grafana/loki/pkg/push v0.0.0-20260106103740-2203c1d8e8fa@2203c1d8e8fa → [Updates: v0.4.0, v3.7.1]
• github.com/grafana/loki/v3 v3.6.8 → [Updates: v3.7.1]
• github.com/grafana/regexp v0.0.0-20250905093917-f7b3be9d1853@f7b3be9d1853
• github.com/pkg/errors v0.9.1
• github.com/prometheus/client_golang v1.23.2
• github.com/prometheus/common v0.67.5
• github.com/prometheus/prometheus v0.308.1 → [Updates: v0.311.1]
• github.com/stretchr/testify v1.11.1
• github.com/grafana/memberlist v0.3.1-0.20251126142931-6f9f62ab6f86@6f9f62ab6f86 → [Updates: v0.3.1-0.20251126142931-6f9f62ab6f86]

terraform (1)

versions.tf (1)

• hashicorp/terraform >= 0.15

---

Need help?

You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section.