Dependency Dashboard

[renovate]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.
View this repository on the Mend.io Web Portal.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

---

Warning

Renovate failed to look up the following dependencies: Could not determine new digest for update (github-tags package ramsey/composer-install).

Files affected: .github/workflows/build.yml

---

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency phpunit/phpunit to v13
• Update github-actions (major) (actions/checkout, astral-sh/setup-uv, boostsecurityio/poutine-action, ramsey/composer-install)
• Click on this checkbox to rebase all open PRs at once

Detected Dependencies

composer (1)

composer.json (7)

• php ^7.4 || ^8.0
• phpstan/phpstan ^2.1.39
• php-parallel-lint/php-parallel-lint ^1.2
• phpstan/phpstan-deprecation-rules ^2.0
• phpstan/phpstan-phpunit ^2.0
• phpunit/phpunit ^9.6 → [Updates: ^13.0]
• shipmonk/name-collision-detector ^2.1

github-actions (7)

.github/workflows/build.yml (17)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• shivammathur/setup-php v2@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• shivammathur/setup-php v2@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• shivammathur/setup-php v2@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• shivammathur/setup-php v2@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v4.3.1@34e114876b0b11c390a56381ad16ebd13914f8d5 → [Updates: v6.0.2]
• shivammathur/setup-php v2@7c071dfe9dc99bdf297fa79cb49ea005b9fcadbc
• ramsey/composer-install v3@3cf229dc2919194e9e36783941438d17239e8520 → [Updates: 4.0.0]

.github/workflows/create-tag.yml (6)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• WyriHaximus/github-action-get-previous-tag v2.0.0@61819f33034117e6c686e6a31dba995a85afc9de
• WyriHaximus/github-action-next-semvers v1@d079934efaf011a4cf8912d4637097fe35d32b93
• rickstaa/action-create-tag v1.7.2@a1c7777fcb2fee4f19b0f283ba888afa11678b72
• rickstaa/action-create-tag v1.7.2@a1c7777fcb2fee4f19b0f283ba888afa11678b72

.github/workflows/lint-workflows.yml (14)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• synacktiv/action-octoscan v1.0.0@6b1cf2343893dfb9e5f75652388bd2dc83f456b0
• github/codeql-action v4.35.5@9e0d7b8d25671d64c341c19c0152d693099fb5ba
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• boostsecurityio/poutine-action v0.15.2@84c0a0d32e8d57ae12651222be1eb15351429228 → [Updates: v1.1.4]
• github/codeql-action v4.35.5@9e0d7b8d25671d64c341c19c0152d693099fb5ba
• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• astral-sh/setup-uv v7.6.0@37802adc94f370d6bfd71619e3f0bf239e1f3b78 → [Updates: v8.1.0]
• github/codeql-action v4.35.5@9e0d7b8d25671d64c341c19c0152d693099fb5ba

.github/workflows/lock-closed-issues.yml (2)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• dessant/lock-threads v6.0.0@7266a7ce5c1df01b1c6db85bf8cd86c737dadbe7

.github/workflows/release-toot.yml (2)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• cbrgm/mastodon-github-action v2.2.0@776364a15dd1171530479600c75363f7cbc89ef5

.github/workflows/release-tweet.yml (2)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• Eomm/why-don-t-you-tweet v2.0.0@d9ec12835f4d494dda920f95f885df3dba380493

.github/workflows/release.yml (4)

• step-security/harden-runner v2.19.3@ab7a9404c0f3da075243ca237b5fac12c98deaa5
• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd
• metcalfc/changelog-generator v4.7.0@0440d0932f9a0dd1cc9ecd8412830761351323bd
• actions/create-release v1.1.4@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e

---

• Check this box to trigger a request for Renovate to run again on this repository