renovate-bot
99c61cf7e3
Security / scan (pull_request) Successful in 15s
Moves prPriority out of vulnerabilityAlerts (only allowed in packageRules per schema). Fixes the recurring 'Found renovate config warnings' issue.
56 lines
1.7 KiB
JSON
56 lines
1.7 KiB
JSON
{
|
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
|
"extends": [
|
|
"config:recommended",
|
|
":dependencyDashboard",
|
|
":semanticCommits",
|
|
":timezone(Europe/Berlin)",
|
|
"schedule:weekly"
|
|
],
|
|
"labels": ["dependencies", "renovate"],
|
|
"assignees": ["JonKazama-Hellion"],
|
|
"prHourlyLimit": 10,
|
|
"prConcurrentLimit": 20,
|
|
"rebaseWhen": "behind-base-branch",
|
|
"packageRules": [
|
|
{
|
|
"description": "Group all minor and patch updates per ecosystem in one PR",
|
|
"matchUpdateTypes": ["minor", "patch"],
|
|
"groupName": "minor and patch updates ({{manager}})"
|
|
},
|
|
{
|
|
"description": "Major updates always get their own PR with breaking-change label",
|
|
"matchUpdateTypes": ["major"],
|
|
"labels": ["dependencies", "major-update", "breaking-change"],
|
|
"addLabels": ["needs-review"]
|
|
},
|
|
{
|
|
"description": "TypeScript type definitions stay grouped with each other",
|
|
"groupName": "type definitions",
|
|
"matchPackageNames": [
|
|
"@types/{/,}**"
|
|
]
|
|
},
|
|
{
|
|
"description": "Dev dependencies in their own group",
|
|
"matchDepTypes": ["devDependencies"],
|
|
"groupName": "dev dependencies"
|
|
},
|
|
{
|
|
"description": "Pin GitHub Action versions by SHA for supply-chain hygiene",
|
|
"matchManagers": ["github-actions"],
|
|
"pinDigests": true
|
|
}
|
|
],
|
|
"vulnerabilityAlerts": {
|
|
"labels": ["security", "vulnerability"],
|
|
"schedule": ["at any time"]
|
|
},
|
|
"lockFileMaintenance": {
|
|
"enabled": true,
|
|
"schedule": ["before 6am on monday"],
|
|
"commitMessageAction": "Refresh"
|
|
},
|
|
"osvVulnerabilityAlerts": true
|
|
}
|