{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended",
    ":dependencyDashboard",
    ":semanticCommits",
    ":timezone(Europe/Berlin)",
    "schedule:weekly"
  ],
  "labels": [
    "dependencies",
    "renovate"
  ],
  "assignees": [
    "JonKazama-Hellion"
  ],
  "prHourlyLimit": 10,
  "prConcurrentLimit": 20,
  "rebaseWhen": "behind-base-branch",
  "packageRules": [
    {
      "description": "Group all minor and patch updates per ecosystem in one PR",
      "matchUpdateTypes": [
        "minor",
        "patch"
      ],
      "groupName": "minor and patch updates ({{manager}})"
    },
    {
      "description": "Major updates always get their own PR with breaking-change label",
      "matchUpdateTypes": [
        "major"
      ],
      "labels": [
        "dependencies",
        "major-update",
        "breaking-change"
      ],
      "addLabels": [
        "needs-review"
      ]
    },
    {
      "description": "TypeScript type definitions stay grouped with each other",
      "matchPackagePrefixes": [
        "@types/"
      ],
      "groupName": "type definitions"
    },
    {
      "description": "Dev dependencies in their own group",
      "matchDepTypes": [
        "devDependencies"
      ],
      "groupName": "dev dependencies"
    },
    {
      "description": "Pin GitHub Action versions by SHA for supply-chain hygiene",
      "matchManagers": [
        "github-actions"
      ],
      "pinDigests": true
    }
  ],
  "vulnerabilityAlerts": {
    "labels": [
      "security",
      "vulnerability"
    ],
    "schedule": [
      "at any time"
    ],
    "prPriority": 10
  },
  "lockFileMaintenance": {
    "enabled": true,
    "schedule": [
      "before 6am on monday"
    ],
    "commitMessageAction": "Refresh"
  },
  "osvVulnerabilityAlerts": true
}