Dependency Dashboard

[ll-renovate-bot]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• Update actions/checkout action to v6.0.3
• Update astral-sh/setup-uv action to v8.2.0
• Update pre-commit hooks to v43.211.0
• 🔐 Create all rate-limited PRs at once 🔐

Pending Status Checks

The following updates await pending status checks. To force their creation now, click on a checkbox below.

• Update codecov/codecov-action action to v6.0.2
• Update renovatebot/github-action action to v46.1.15
• Update sigstore/gh-action-sigstore-python action to v3.4.0
• Update codecov/codecov-action action to v7

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• Update dependency django to v6.0.6 [SECURITY]
• Lock file maintenance
• Click on this checkbox to rebase all open PRs at once

Vulnerabilities

Important

5/5 CVEs have Renovate fixes.

pep621

pyproject.toml

django

• PYSEC-2026-197 (fixed in >= 6.0.6)
• PYSEC-2026-198 (fixed in >= 6.0.6)
• PYSEC-2026-199 (fixed in >= 6.0.6)
• PYSEC-2026-200 (fixed in >= 6.0.6)
• PYSEC-2026-201 (fixed in >= 6.0.6)

Detected Dependencies

github-actions (5)

.github/workflows/build.yml (8)

• actions/checkout v6@df4cb1c069e1874edd31b4311f1884172cec0e10
• actions/setup-python v6@a309ff8b426b58ec0e2a45f0f869d46889d02405
• actions/upload-artifact v7@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• pypa/gh-action-pypi-publish release/v1@cef221092ed1bacb1cc03d23a2d87d1d172e277b
• actions/download-artifact v8@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• sigstore/gh-action-sigstore-python v3.3.0@04cffa1d795717b140764e8b640de88853c92acc → [Updates: v3.4.0]
• python 3.14

.github/workflows/pre-commit.yml (3)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• actions/cache v5.0.5@27d5ce7f107fe9357f9df03efb73ab90386fccae
• pre-commit/action v3.0.1@2c7b3805fd2a0fd8c1884dcaebf91fc102a13ecd

.github/workflows/renovate-lockfile.yml (1)

• actions/create-github-app-token v3@bcd2ba49218906704ab6c1aa796996da409d3eb1

.github/workflows/renovate.yml (3)

• actions/create-github-app-token v3@bcd2ba49218906704ab6c1aa796996da409d3eb1
• actions/checkout v6@df4cb1c069e1874edd31b4311f1884172cec0e10
• renovatebot/github-action v46.1.14@693b9ef15eec82123529a37c782242f091365961 → [Updates: v46.1.15]

.github/workflows/test.yml (4)

• actions/checkout v6.0.2@de0fac2e4500dabe0009e67214ff5f5447ce83dd → [Updates: v6.0.3]
• astral-sh/setup-uv v8.1.0@08807647e7069bb48b6ef5acd8ec9567f424441b → [Updates: v8.2.0]
• codecov/codecov-action v6.0.1@e79a6962e0d4c0c17b229090214935d2e33f8354 → [Updates: v6.0.2, v7.0.0]
• codecov/codecov-action v6.0.1@e79a6962e0d4c0c17b229090214935d2e33f8354 → [Updates: v6.0.2, v7.0.0]

pep621 (1)

pyproject.toml (10)

• python >=3.10
• pydantic-settings >=2.13
• pydantic >=2.7
• mypy ==2.1.*
• pytest-cov ==7.1.*
• pytest-mock ==3.15.*
• pytest ==9.0.*
• django >=5.2 → [Updates: >=5.2]
• tomlkit >=0.11.6
• ruamel-yaml >=0.17.0

pre-commit (1)

.pre-commit-config.yaml (8)

• pre-commit/pre-commit-hooks v6.0.0
• adrienverge/yamllint v1.38.0
• python-jsonschema/check-jsonschema 0.37.2
• astral-sh/ruff-pre-commit v0.15.15 → [Updates: v0.15.16]
• macisamuele/language-formatters-pre-commit-hooks v2.16.0
• ninoseki/uv-sort v0.7.0
• prettier 3
• renovatebot/pre-commit-hooks 43.204.0 → [Updates: 43.211.0]