Dependency Dashboard

[svc-secops]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Config Migration Needed

• Select this checkbox to let Renovate create an automated Config Migration PR.

Rate-Limited

The following updates are currently rate-limited. To force their creation now, click on a checkbox below.

• chore(deps): update graphqlcodegenerator monorepo (major) (@graphql-codegen/cli, @graphql-codegen/typescript, @graphql-codegen/typescript-resolvers)

PR Edited (Blocked)

The following updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox below.

• chore(deps): update dependency @apollo/server to v5.5.0 [security]
• chore(deps): update peter-evans/create-pull-request action to v8.1.1
• chore(deps): update graphqlcodegenerator monorepo (@graphql-codegen/cli, @graphql-codegen/typescript, @graphql-codegen/typescript-resolvers)
• chore(deps): update dependency typescript to v6
• chore(deps): lock file maintenance

Open

The following updates have all been created. To force a retry/rebase of any, click on a checkbox below.

• chore(deps): update dependency ajv to v8.18.0 [security]
• chore(deps): pin dependencies (@graphql-codegen/cli, @graphql-codegen/typescript, @graphql-codegen/typescript-resolvers, @types/jest, @types/node, jest, nodemon, ts-jest, ts-node, typescript)
• chore(deps): update dependency nodemon to ^3.1.11
• chore(deps): update dependency ts-jest to ^29.4.6
• chore(deps): update dependency @types/node to ^24.12.3
• Click on this checkbox to rebase all open PRs at once

PR Closed (Blocked)

The following updates are blocked by an existing closed PR. To recreate the PR, click on a checkbox below.

• chore(deps): update jest monorepo to v30 (major) (@types/jest, jest)

Vulnerabilities

Important

2/2 CVEs have Renovate fixes.

npm

package.json

ajv

• GHSA-2g4f-4pwh-qvx6 (fixed in >= 8.18.0)

start-with-typescript/package.json

@apollo/server

• GHSA-9q82-xgwf-vj6h (fixed in >= 5.5.0)

Detected Dependencies

dockerfile (1)

add-mcp/mcp.Dockerfile

github-actions (5)

.github/workflows/changelog-check.yml (1)

• actions/checkout v6

.github/workflows/sync-mcp-schema.yml (2)

• actions/checkout v6
• peter-evans/create-pull-request v8.1.0@c0f553fe549906ede9cf27b5156039d195d2ece0 → [Updates: v8.1.1]

.github/workflows/templates-test.yml (3)

• actions/checkout v6
• actions/setup-node v6
• node 24

.github/workflows/test.yml (3)

• actions/checkout v6
• actions/setup-node v6
• node 24

.github/workflows/validate-templates.yml (3)

• actions/checkout v6
• actions/setup-node v6
• node 24

npm (2)

package.json (1)

• ajv ^8.12.0 → [Updates: ^8.12.0]

start-with-typescript/package.json (13)

• @apollo/server ^5.0.0 → [Updates: ^5.0.0]
• @apollo/subgraph ^2.3.1
• @graphql-codegen/cli ^6.0.0 → [Updates: 6.1.1, ^6.1.1, ^7.0.0]
• @graphql-codegen/typescript ^5.0.0 → [Updates: 5.0.7, ^5.0.7, ^6.0.0]
• @graphql-codegen/typescript-resolvers ^5.0.0 → [Updates: 5.1.5, ^5.1.5, ^6.0.0]
• @types/jest ^29.0.3 → [Updates: 29.5.14, ^30.0.0]
• @types/node ^24.0.0 → [Updates: 24.10.10, ^24.12.3]
• jest ^29.0.3 → [Updates: 29.7.0, ^30.0.0]
• nodemon ^3.0.0 → [Updates: 3.1.11, ^3.1.11]
• ts-jest ^29.0.2 → [Updates: 29.4.6, ^29.4.6]
• ts-node ^10.9.1 → [Updates: 10.9.2]
• typescript ^5.9.2 → [Updates: 5.9.3, ^6.0.0]
• node >=18.0