I’m really bad at keeping my dependencies up-to-date manually, so dependabot was great for me. I don’t use github anymore though, and I haven’t really been able to find a good alternative.
I found Snyk, which seems to do that, but they only allow logging in with 3rd party providers which I’m not a big fan of.
Edit: seems like Snyk also only supports a few git hosts, and Codeberg isn’t one of them.
Afaik you can self-host the Renovate bot, though don’t remember if it’s fully open source & self-contained.
Nice, that looks promising! I’ll have to look into it a bit more.
Been using Renovate a few months now. On large repos it can take a while to run (the git api is slow for certain pages when comparing commits), but it does seem to work well! It’s even got CVE notifications