Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Awaiting Schedule

The following updates are awaiting their schedule. To get an update now, click on a checkbox below.

• Update github-actions (astral-sh/setup-uv, cbrgm/mastodon-github-action, github/codeql-action, metcalfc/changelog-generator, shivammathur/setup-php, step-security/harden-runner)

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• Update root-composer (major) (phpunit/phpunit, symfony/process)

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update github-actions (major) (Eomm/why-don-t-you-tweet, WyriHaximus/github-action-get-previous-tag, actions/checkout, actions/deploy-pages, actions/download-artifact, actions/upload-artifact, actions/upload-pages-artifact, astral-sh/setup-uv, dessant/lock-threads, peter-evans/create-pull-request)

Detected Dependencies

composer (2)

apigen/composer.json (1)

• apigen/apigen ^7.0.0

composer.json (10)

• php ^7.4 || ^8.0
• doctrine/annotations ^2.0
• nikic/php-parser ^5.3.0
• php-parallel-lint/php-parallel-lint ^1.2
• phpstan/extension-installer ^1.0
• phpstan/phpstan ^2.0
• phpstan/phpstan-phpunit ^2.0
• phpstan/phpstan-strict-rules ^2.0
• phpunit/phpunit ^9.6 → [Updates: ^13.0]
• symfony/process ^5.2 → [Updates: ^8.0]

github-actions (12)

.github/workflows/apiref.yml (9)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]
• actions/upload-artifact v4.6.2@ea165f8d65b6e75b540449e92b4886f43607fa02 → [Updates: v7.0.0]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/download-artifact v4.3.0@d3f86a106a0bac45b974a628896c90dbdf5c8093 → [Updates: v8.0.1]
• actions/upload-pages-artifact v3.0.1@56afc609e74202658d3ffba0e8f6dda462b719fa → [Updates: v4.0.0]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/deploy-pages v4.0.5@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e → [Updates: v5.0.0]

.github/workflows/backward-compatibility.yml (3)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]

.github/workflows/build.yml (13)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]

.github/workflows/create-tag.yml (6)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• WyriHaximus/github-action-get-previous-tag v1.4.0@04e8485ecb6487243907e330d522ff60f02283ce → [Updates: v2.0.0]
• WyriHaximus/github-action-next-semvers v1@d079934efaf011a4cf8912d4637097fe35d32b93
• rickstaa/action-create-tag v1.7.2@a1c7777fcb2fee4f19b0f283ba888afa11678b72
• rickstaa/action-create-tag v1.7.2@a1c7777fcb2fee4f19b0f283ba888afa11678b72

.github/workflows/lint-workflows.yml (14)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• synacktiv/action-octoscan v1.0.0@6b1cf2343893dfb9e5f75652388bd2dc83f456b0
• github/codeql-action v4.32.4@89a39a4e59826350b863aa6b6252a07ad50cf83e → [Updates: v4.35.1]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• boostsecurityio/poutine-action v0.15.2@84c0a0d32e8d57ae12651222be1eb15351429228
• github/codeql-action v4.32.4@89a39a4e59826350b863aa6b6252a07ad50cf83e → [Updates: v4.35.1]
• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• astral-sh/setup-uv v7.3.0@eac588ad8def6316056a12d4907a9d4d84ff7a3b → [Updates: v7.6.0, v8.0.0]
• github/codeql-action v4.31.9@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 → [Updates: v4.35.1]

.github/workflows/lock-closed-issues.yml (2)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• dessant/lock-threads v5.0.1@1bf7ec25051fe7c00bdd17e6a7cf3d7bfb7dc771 → [Updates: v6.0.0]

.github/workflows/merge-maintained-branch.yml (3)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• everlytic/branch-merge 1.1.5@c4a244dc23143f824ae6c022a10732566cb8e973

.github/workflows/release-toot.yml (2)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• cbrgm/mastodon-github-action v2.1.25@845250b56b82d94e26bf23984d5e0cf5ced6d18f → [Updates: v2.1.27]

.github/workflows/release-tweet.yml (2)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• Eomm/why-don-t-you-tweet v1.1.0@54e11450e21479faa5db172b9f2c10a29aedfc62 → [Updates: v2.0.0]

.github/workflows/release.yml (4)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• metcalfc/changelog-generator v4.6.2@3f82cef08fe5dcf57c591fe165e70e1d5032e15a → [Updates: v4.7.0]
• actions/create-release v1.1.4@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e

.github/workflows/send-pr.yml (4)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• peter-evans/create-pull-request v6.1.0@c5a7806660adbe173f04e3e038b0ccdcd758773c → [Updates: v8.1.0]

.github/workflows/test-slevomat-coding-standard.yml (4)

• step-security/harden-runner v2.14.2@5ef0c079ce82195b2a36a210272d6b661572d83e → [Updates: v2.16.1]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@44454db4f0199b8b9685a5d763dc37cbf79108e1 → [Updates: v2]

---

• Check this box to trigger a request for Renovate to run again on this repository