chore(deps): update golang docker tag to v1.26

chore(deps): update actions/checkout action to v6.0.2 (#10 )
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | patch | `v6.0.1` → `v6.0.2` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.2`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v602) [Compare Source](https://github.com/actions/checkout/compare/v6.0.1...v6.0.2) - Fix tag handling: preserve annotations and explicit fetch-tags by [@ericsciple](https://github.com/ericsciple) in [#2356](https://github.com/actions/checkout/pull/2356) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).  Reviewed-on: #10 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>
2026-02-10 21:32:54 +00:00 · 2026-01-22 18:51:33 +00:00 · 2026-01-21 20:48:03 +00:00 · 2026-01-19 20:24:58 +00:00 · 2026-01-13 20:07:00 +00:00
5 changed files with 24 additions and 12 deletions
--- a/.gitea/workflows-disabled/snyk.yml
+++ b/.gitea/workflows-disabled/snyk.yml
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -12,7 +12,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
-        uses: actions/checkout@v6.0.1
+        uses: actions/checkout@v6.0.2
        with:
          fetch-depth: 0

@@ -25,7 +25,7 @@ jobs:
      #     no-fail: true

      - name: Setup Go
-        uses: actions/setup-go@v6.1.0
+        uses: actions/setup-go@v6.2.0
        with:
          go-version: "1.25"

@@ -70,13 +70,13 @@ jobs:
      #     mv pyproject.toml pyproject.toml.bak
      #     mv uv.lock uv.lock.bak

-      - name: Snyk SAST Scan
-        uses: snyk/actions/golang@master
-        env:
-          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          # command: snyk
-          args: snyk code test #--all-projects --exclude=.archive
+      # - name: Snyk SAST Scan
+      #   uses: snyk/actions/golang@master
+      #   env:
+      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+      #   with:
+      #     # command: snyk
+      #     args: snyk code test #--all-projects --exclude=.archive

      # - name: Snyk Vulnerability Scan
      #   uses: snyk/actions/python@master
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -41,7 +41,7 @@ jobs:
          REPO: ${{ gitea.repository }}

      - name: Check out repository
-        uses: actions/checkout@v6.0.1
+        uses: actions/checkout@v6.0.2
        with:
          fetch-depth: 0
          ref: ${{ needs.tag.outputs.tag_name }}
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM golang:1.25-alpine as build
+FROM golang:1.26-alpine as build
 WORKDIR /go/src/app
 COPY . /go/src/app
 RUN CGO_ENABLED=0 go build -o /go/bin/app
--- a/renovate.json
+++ b/renovate.json
@@ -11,6 +11,8 @@
  "semanticCommits": "enabled",
  "semanticCommitScope": "deps",
  "semanticCommitType": "feat",
+  "osvVulnerabilityAlerts": true,
+  "dependencyDashboardOSVVulnerabilitySummary": "all",
  "vulnerabilityAlerts": {
    "commitMessagePrefix": "[SECURITY] ",
    "enabled": true,
@@ -19,5 +21,15 @@
  },
  "lockFileMaintenance": {
    "enabled": true
-  }
+  },
+  "packageRules": [
+    {
+      "matchDepTypes": ["devDependencies"],
+      "automerge": true
+    },
+    {
+      "matchUpdateTypes": ["patch"],
+      "automerge": true
+    }
+  ]
 }
Author	SHA1	Message	Date
renovate[bot]	e6ebab36b0	chore(deps): update golang docker tag to v1.26 All checks were successful Validate PR Title / validate (pull_request) Successful in 6s Details CI / ci (pull_request) Successful in 31s Details	2026-02-10 21:32:54 +00:00
renovate[bot]	6f95ecd969	chore(deps): update actions/checkout action to v6.0.2 (#10 ) Some checks failed Release / Tag release (push) Successful in 18s Details Release / Create Release (push) Successful in 6s Details Release / Publish Docker Images (push) Failing after 1m45s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [actions/checkout](https://github.com/actions/checkout) \| action \| patch \| `v6.0.1` → `v6.0.2` \| --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.2`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v602) [Compare Source](https://github.com/actions/checkout/compare/v6.0.1...v6.0.2) - Fix tag handling: preserve annotations and explicit fetch-tags by [@ericsciple](https://github.com/ericsciple) in [#2356](https://github.com/actions/checkout/pull/2356) </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Enabled. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44OS4yIiwidXBkYXRlZEluVmVyIjoiNDIuODkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #10 Reviewed-by: Luke Tainton <luke@tainton.uk> Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2026-01-22 18:51:33 +00:00
Luke Tainton	8c9f10ca9f	chore(ci): remove Snyk workflow for security monitoring (#9 ) Reviewed-on: #9	2026-01-21 20:48:03 +00:00
Luke Tainton	322cc70d7e	Update renovate.json (#8 ) All checks were successful Snyk / security (push) Successful in 27s Details Reviewed-on: #8	2026-01-19 20:24:58 +00:00
renovate[bot]	093d734199	chore(deps): update actions/setup-go action to v6.2.0 (#6 ) Some checks failed Release / Tag release (push) Successful in 8s Details Release / Create Release (push) Successful in 1s Details Release / Publish Docker Images (push) Failing after 1m11s Details Snyk / security (push) Successful in 27s Details This PR contains the following updates: \| Package \| Type \| Update \| Change \| \|---\|---\|---\|---\| \| [actions/setup-go](https://github.com/actions/setup-go) \| action \| minor \| `v6.1.0` → `v6.2.0` \| --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v6.2.0`](https://github.com/actions/setup-go/releases/tag/v6.2.0) [Compare Source](https://github.com/actions/setup-go/compare/v6.1.0...v6.2.0) #### What's Changed ##### Enhancements - Example for restore-only cache in documentation by [@aparnajyothi-y](https://github.com/aparnajyothi-y) in [#696](https://github.com/actions/setup-go/pull/696) - Update Node.js version in action.yml by [@ccoVeille](https://github.com/ccoVeille) in [#691](https://github.com/actions/setup-go/pull/691) - Documentation update of actions/checkout by [@deining](https://github.com/deining) in [#683](https://github.com/actions/setup-go/pull/683) ##### Dependency updates - Upgrade js-yaml from 3.14.1 to 3.14.2 by [@dependabot](https://github.com/dependabot) in [#682](https://github.com/actions/setup-go/pull/682) - Upgrade [@actions/cache](https://github.com/actions/cache) to v5 by [@salmanmkc](https://github.com/salmanmkc) in [#695](https://github.com/actions/setup-go/pull/695) - Upgrade actions/checkout from 5 to 6 by [@dependabot](https://github.com/dependabot) in [#686](https://github.com/actions/setup-go/pull/686) - Upgrade qs from 6.14.0 to 6.14.1 by [@dependabot](https://github.com/dependabot) in [#703](https://github.com/actions/setup-go/pull/703) #### New Contributors - [@ccoVeille](https://github.com/ccoVeille) made their first contribution in [#691](https://github.com/actions/setup-go/pull/691) - [@deining](https://github.com/deining) made their first contribution in [#683](https://github.com/actions/setup-go/pull/683) Full Changelog: <https://github.com/actions/setup-go/compare/v6...v6.2.0> </details> --- ### Configuration 📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied. ♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 Ignore: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi44MC4xIiwidXBkYXRlZEluVmVyIjoiNDIuODAuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsidHlwZS9kZXBlbmRlbmNpZXMiXX0=--> Reviewed-on: #6 Co-authored-by: renovate[bot] <renovate-bot@git.tainton.uk> Co-committed-by: renovate[bot] <renovate-bot@git.tainton.uk>	2026-01-13 20:07:00 +00:00