Dependency Dashboard

[svc-secops]

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Awaiting Schedule

These updates are awaiting their schedule. Click on a checkbox to get an update now.

• chore(deps): lock file maintenance

Edited/Blocked

These updates have been manually edited so Renovate will no longer make changes. To discard all commits and start over, click on a checkbox.

• chore(deps): update dependency nodemon to v3.1.11
• chore(deps): update dependency concurrently to v9.2.1
• fix(deps): update dependency express to v5
• fix(deps): update dependency express-rate-limit to v8

Other Branches

These updates are pending. To force PRs open, click the checkbox below.

• chore(deps): update node.js to v20.20.0
• chore(deps): update node.js to v24

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

• fix(deps): update dependency @apollo/server to v4.13.0 [security]

Vulnerabilities

4/4 CVEs have Renovate fixes.

npm

services/accounts/package.json

@apollo/server

• GHSA-mp6q-xf9x-fwf7 (fixed in >= 4.13.0)

services/inventory/package.json

@apollo/server

• GHSA-mp6q-xf9x-fwf7 (fixed in >= 4.13.0)

services/products/package.json

@apollo/server

• GHSA-mp6q-xf9x-fwf7 (fixed in >= 4.13.0)

services/reviews/package.json

@apollo/server

• GHSA-mp6q-xf9x-fwf7 (fixed in >= 4.13.0)

Detected dependencies

circleci

.circleci/config.yml

• secops 2.0.7

dockerfile

services/accounts/Dockerfile

• docker/dockerfile 1
• node 20.11.1-slim

services/inventory/Dockerfile

• docker/dockerfile 1
• node 20.11.1-slim

services/products/Dockerfile

• docker/dockerfile 1
• node 20.11.1-slim

services/reviews/Dockerfile

• docker/dockerfile 1
• node 20.11.1-slim

npm

package.json

• concurrently 9.1.2
• nodemon 3.1.9

services/accounts/package.json

• @apollo/server ^4.9.4
• @apollo/subgraph ^2.5.6
• cors ^2.8.5
• express ^4.17.1
• express-rate-limit ^5.5.1
• graphql ^16.8.1

services/inventory/package.json

• @apollo/server ^4.9.4
• @apollo/subgraph ^2.5.6
• cors ^2.8.5
• express ^4.17.1
• express-rate-limit ^5.5.1
• graphql ^16.8.1

services/products/package.json

• @apollo/server ^4.9.4
• @apollo/subgraph ^2.5.6
• cors ^2.8.5
• express ^4.17.1
• express-rate-limit ^5.5.1
• graphql ^16.8.1

services/reviews/package.json

• @apollo/server ^4.9.4
• @apollo/subgraph ^2.5.6
• cors ^2.8.5
• express ^4.17.1
• express-rate-limit ^5.5.1
• graphql ^16.8.1