Dependency Dashboard: Updates And Detected Dependencies

by SLV Team 56 views
Dependency Dashboard: Updates and Detected Dependencies

Hey guys! This is your go-to spot for all things related to dependency updates and detected dependencies, powered by Renovate. Think of this as your mission control for keeping everything in your infrastructure ship-shape. If you're new to this, definitely check out the Dependency Dashboard docs – it’s packed with awesome info to get you up to speed.

Errored Updates: Let's Get These Fixed

So, a few updates hit a snag and are currently in retry mode. No sweat, it happens! To give these another nudge, just click the checkbox next to each item. This will force a retry and hopefully get things moving again. Think of it as giving your system a little 'wake-up' call. Why do these errors occur? They could be anything from temporary network issues to API rate limits, or even a hiccup in the dependency itself. It’s all part of the updating game, and we’re here to make it as smooth as possible.

  • [ ] chore(deps): update portainer/portainer-ee:lts docker digest to 7f751da
  • [ ] chore(deps): update traefik:v3.5.4 docker digest to 4df0a50
  • [ ] chore(deps): update henrygd/beszel docker tag to v0.15.3
  • [ ] chore(deps): update immich monorepo to v2.2.1 (ghcr.io/immich-app/immich-machine-learning, ghcr.io/immich-app/immich-server)
  • [ ] chore(deps): update ghcr.io/linuxserver/lidarr docker tag to v3

These errors are an integral part of maintaining a healthy and secure system. By catching these issues early, we prevent potential cascading failures or vulnerabilities. For example, a Docker digest mismatch might indicate a corrupted image or an unexpected change. Retrying ensures that we're pulling the correct and intended version. Similarly, updates to monorepos like Immich require careful handling to ensure all components are compatible after the upgrade. Our retry mechanism helps us manage these complexities without manual intervention, ensuring your systems remain stable and up-to-date.

Other Branches: Pending Updates Awaiting Your Go-Ahead

Next up, we have some updates that are ready and waiting in the wings! These are sitting in their own branches, ready to be merged. To kick things off and create a Pull Request (PR), just give that checkbox a click. This is super useful when you want to review changes before they go live – a best practice, especially for critical components. These branches are essentially isolated environments where updates are staged, allowing you to test compatibility and ensure everything works as expected before integration.

  • [ ] chore(deps): pin dependencies (actions/checkout, mariadb, renovatebot/github-action, rommapp/romm)
  • [ ] chore(deps): update renovatebot/github-action action to v43.0.19

Pinning dependencies, for instance, is crucial for maintaining consistent build environments. By locking specific versions of actions or libraries, we avoid unexpected behavior caused by automatic updates. This level of control is essential for ensuring the reliability and reproducibility of our infrastructure. Likewise, updating Renovate's own GitHub Action ensures we're leveraging the latest features and security enhancements from the tool itself. Staying current with such updates is a proactive step in securing your automated workflows and dependency management processes.

Detected Dependencies: A Deep Dive

Alright, let's dive into the heart of the matter – the detected dependencies! This is where we break down exactly what's running in your infrastructure. We’ve organized everything by category to make it easier to navigate. Each section gives you the lowdown on the Docker Compose files, Flux configurations, GitHub Actions, and Terraform setups. This comprehensive view allows you to quickly assess the current state of your dependencies, identify potential upgrade paths, and ensure compliance with your organization's policies.

docker-compose

Docker Compose is a linchpin of many modern infrastructure setups, enabling the orchestration of multi-container Docker applications. Here, we provide a detailed breakdown of the images and versions used across your Docker Compose files. Understanding these dependencies is crucial for identifying potential vulnerabilities, planning upgrades, and ensuring compatibility between services. Each image is listed with its tag and SHA256 digest, offering a clear picture of the exact version deployed. Regularly reviewing these dependencies helps to maintain a secure and efficient system, reducing the risk of service disruptions caused by outdated or insecure components.

docker/arrs/compose.yml
  • ghcr.io/linuxserver/radarr 5.28.0.10274-ls286@sha256:c984533510abe0219a70e80d15bd0d212b7df21baa0913759c4ce6cc9092240b
  • ghcr.io/linuxserver/sonarr 4.0.15.2941-ls296@sha256:fbe67c25693dc5f3de220c5691f374576ae265df782c16918cc071b630490bd7
  • ghcr.io/linuxserver/lidarr 2.14.5.4836-ls9@sha256:5e1235d00b5d1c1f60ca0d472e554a6611aef41aa7b5b6d88260214bf4809af0
  • ghcr.io/linuxserver/prowlarr 2.1.5.5216-ls131@sha256:643220338204525524db787ff38a607261597f49d1f550694acdb3e908e2b43e
docker/audiobookshelf/compose.yml
  • ghcr.io/advplyr/audiobookshelf 2.30.0@sha256:6fbd7dc95d53c6e168ce69e760b87c334e3b9ba88bf7b8531ed5a116d5d6da03
docker/beszel/compose.yml
  • henrygd/beszel 0.15.0@sha256:e8cbf3d0c6ed15e046b5a5757f0f34198514cc81f465aef80ae0ba2fa264f0f5
docker/downloads/compose.yml
  • ghcr.io/linuxserver/deluge 2.2.0-r1-ls352@sha256:6d601d4ce4559196a6a5b3e7921cc3c90e52f37501488ab18da146927776500d
  • ghcr.io/linuxserver/sabnzbd 4.5.5-ls236@sha256:6e6e7abf7a87436ffccd7df41e64a28df9c530e2be5467339a3f5f0518922b49
docker/freshrss/compose.yml
  • ghcr.io/linuxserver/freshrss 1.27.1-ls285@sha256:39c91af5f39b4a369cb03296d8740541319ae1ac693a0454a4621039a2338ccb
docker/immich/compose.yml
  • ghcr.io/immich-app/immich-server v2.1.0@sha256:72a9b9de6c6abfa7a9c9cdc244ae4d2bd9fea2ae00997f194cbd10aca72ea210
  • ghcr.io/immich-app/immich-machine-learning v2.1.0@sha256:24bfef29bc5c0923c64c98810931eda1449a4b237e6704a715605761bc107ae4
docker/init/compose.yml
  • portainer/portainer-ee lts@sha256:3d9951ce9b3c1d2a83b9f5cb951e0c9bd196406c42e91040b30c44be443231a1
  • traefik v3.5.4@sha256:fa528d4565c8c279328c12d466325ee0f65804a75bcdbef737290664ad971d68
  • ghcr.io/pocket-id/pocket-id v1.14.2@sha256:75313e13a7ff08939eb19ebcdf12299e7be63e2a94d3cada5cc5abd7ace81e59
  • 1password/connect-api 1.8.1@sha256:8fe7bcd50c9e73899e0a1aa5aa43421ca75fbceacb33dd07f6418c4116e637a1
  • 1password/connect-sync 1.8.1@sha256:d5e937b2b7e314dbbaffacf469dc8f30376b5954a3ad836c8d96e6cb579d7fab
docker/jellyfin/compose.yml
  • jellyfin/jellyfin 10.11.1@sha256:c7dd335d455c95ad3fe7550824d93ceb911914bf4210e7899e11f9611ae53a92
  • ghcr.io/fallenbagel/jellyseerr 2.7.3@sha256:9cc9e9ee6cd5cf5a23feb45c37742ba34cfd6314d81d259cddb373a97ac92cdd
docker/komga/compose.yaml
  • gotson/komga 1.23.5@sha256:85f0be8920742341217f2b2bdafef64da1f6062ae472dcf74426a9fa549c8a05
docker/minecraft/compose.yml
docker/miniflux/compose.yml
  • miniflux/miniflux 2.2.14@sha256:02e50d5b277857e3600c14ec1a6a064a82320077914d8eb546691a5f4c1d406c
  • postgres 18-alpine@sha256:48c8ad3a7284b82be4482a52076d47d879fd6fb084a1cbfccbd551f9331b0e40
docker/nextcloud/compose.yml
  • nextcloud 32.0.1@sha256:1e4eae55eebe094cae6f9e7b6e0b4bccf4a4fe7b7e6f6f8f57010994b3b2ee42
  • nextcloud 32.0.1@sha256:1e4eae55eebe094cae6f9e7b6e0b4bccf4a4fe7b7e6f6f8f57010994b3b2ee42
  • postgres alpine@sha256:48c8ad3a7284b82be4482a52076d47d879fd6fb084a1cbfccbd551f9331b0e40
  • redis alpine@sha256:59b6e694653476de2c992937ebe1c64182af4728e54bb49e9b7a6c26614d8933
docker/owncloud/compose.yml
  • owncloud/server 10.16.0@sha256:458db29e9e297aa360ee6e1229105c44dba630b6b62f202c048a821b3bca77ea
  • mariadb 12.0.2@sha256:5b6a1eac15b85b981a61afb89aea2a22bf76b5f58809d05f0bcc13ab6ec44cb8
  • redis 8@sha256:4521b581dbddea6e7d81f8fe95ede93f5648aaa66a9dacd581611bf6fe7527bd
docker/pinchflat/compose.yml
  • ghcr.io/kieraneglin/pinchflat v2025.6.6@sha256:4e975edf58f0861a5cbfe8fc6aac4851ff5a02dfc3f05ffeea4982e3084a5a4a
docker/plex/compose.yml
  • plexinc/pms-docker 1.42.2.10156-f737b826c@sha256:9c03c26b9479ba9a09935f3367459bfdc8d21545f42ed2a13258983c5be1b252
  • ghcr.io/linuxserver/tautulli v2.16.0-ls207@sha256:f8b84be159b6e413db2b60426154522ceaf33d7190489c160de415501d5e722e
  • ghcr.io/linuxserver/overseerr v1.34.0-ls151@sha256:c5f3c0c246f121b5e4bc8cda2b6e22806f1e1443fc4235c3c050e5b09ae8eda7
  • ghcr.io/jorenn92/maintainerr 2.19.0@sha256:bee84707edaf589cda3d18b6813cbfe3a137b52786210c3a28190e10910c1240
docker/romm/compose.yml
  • rommapp/romm 4.3.2
  • mariadb 12.0.2
docker/wallabag/compose.yml
  • wallabag/wallabag 2.6.14@sha256:4a527e027e0d59e87c14225ef11e005af3d4890374202ad319ce5e63dfc66709
  • mariadb sha256:5b6a1eac15b85b981a61afb89aea2a22bf76b5f58809d05f0bcc13ab6ec44cb8
  • redis alpine@sha256:59b6e694653476de2c992937ebe1c64182af4728e54bb49e9b7a6c26614d8933
flux

Flux is our GitOps tool of choice, and this section details the versions of Flux components running in your Kubernetes clusters. Maintaining an up-to-date Flux deployment is vital for leveraging the latest features, performance improvements, and security patches. The listing includes the version of the Flux CLI and its components, ensuring that your deployment workflows are operating at peak efficiency. Regular audits and updates of these components are crucial for maintaining the integrity and reliability of your Kubernetes deployments.

kubernetes/clusters/prod/flux-system/gotk-components.yaml
  • fluxcd/flux2 v2.7.3
github-actions

GitHub Actions automate our workflows, and tracking their dependencies is essential for consistent and secure builds. This section provides a snapshot of the actions used in your workflows, enabling you to identify outdated versions or potential security vulnerabilities. Regularly reviewing and updating these actions ensures that your automated processes are running on the latest, most secure foundations. It also facilitates compliance with organizational standards and industry best practices for CI/CD pipelines.

.github/workflows/renovate.yaml
  • actions/checkout v5.0.0
  • renovatebot/github-action v43.0.13
terraform

Terraform manages our infrastructure as code, and understanding its dependencies is critical for stable deployments. This section lists the providers and modules used in your Terraform configurations. By monitoring these dependencies, you can ensure compatibility, plan upgrades, and mitigate potential risks associated with outdated or unsupported components. The versions of local providers, cloud providers (like Proxmox), and other tools (like 1Password) are detailed here, offering a comprehensive view of your infrastructure's building blocks.

terraform/main.tf
terraform/versions.tf
  • local 2.5.3
  • onepassword 2.2.0
  • proxmox 3.0.2-rc05
  • hashicorp/terraform >= 1.6.0

That's the rundown for now! Keep an eye on this dashboard, guys, it’s your key to a smooth and secure infrastructure. Happy updating!