Skip to content

chore(config): migrate renovate config #419

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
+30 −48
Open

chore(config): migrate renovate config #419

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
78 changes: 30 additions & 48 deletions renovate.json5
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,56 +1,38 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"description": "Custom Renovate configuration",
"extends": [
// Custom Manager Presets (https://docs.renovatebot.com/presets-customManagers/)
"customManagers:githubActionsVersions", // manages _VERSION variables in GitHub Action workflows

// Default Presets (https://docs.renovatebot.com/presets-default/)
":approveMajorUpdates", // major dependency updates need to be approved via dashboard before PR is created
$schema: "https://docs.renovatebot.com/renovate-schema.json",
description: "Custom Renovate configuration",
extends: [
"customManagers:githubActionsVersions",
":approveMajorUpdates",
":assignAndReview(devtobi)",
":automergePatch",
":disableRateLimiting", // allows unlimited creation of PRs
":enableVulnerabilityAlertsWithLabel(security)", // custom label for security PRs created by Renovatebot
":label(dependency)", // custom label for PRs created by Renovatebot
":npm", // updating package.json and package-lock.json
":pinAllExceptPeerDependencies", // do version pinning except for peer dependencies
":rebaseStalePrs", // rebase Renovate PR branched when base branch is updated
":semanticCommits", // enabled semantic commits in PR titles
":separateMultipleMajorReleases", // separate major updates of dependencies into separate PRs
":timezone(Europe/Berlin)", // sets correct timezone for schedule based operations

// Full Config Presets (https://docs.renovatebot.com/presets-config/)
"config:best-practices", // enables best practices by the Renovate team

// Helper Presets (https://docs.renovatebot.com/presets-helpers/)
"helpers:pinGitHubActionDigestsToSemver", // enabled pinning the action digest with a semantic version comment

// npm Presets (https://docs.renovatebot.com/presets-npm/)
"npm:unpublishSafe", // used to make sure updates are only done after the npm package is "stable" (at least for 3 days)

// Schedule presets (https://docs.renovatebot.com/presets-schedule/)
"schedule:monthly", // Renovatebot will search weekly for available dependency updates

// Security presets (https://docs.renovatebot.com/presets-security/)
"security:openssf-scorecard" // show OpenSSF badge on pull requests to evaluate security health metrics for dependencies
":disableRateLimiting",
":enableVulnerabilityAlertsWithLabel(security)",
":label(dependency)",
":npm",
":pinAllExceptPeerDependencies",
":rebaseStalePrs",
":semanticCommits",
":separateMultipleMajorReleases",
":timezone(Europe/Berlin)",
"config:best-practices",
"helpers:pinGitHubActionDigestsToSemver",
"security:minimumReleaseAgeNpm",
"schedule:monthly",
"security:openssf-scorecard",
],
"packageRules": [
packageRules: [
{
"description": "Disable automerge for patch-level updates when pre-release version",
"matchUpdateTypes": ["patch"],
"matchCurrentVersion": "/^0\\./",
"automerge": false
description: "Disable automerge for patch-level updates when pre-release version",
matchUpdateTypes: ["patch"],
matchCurrentVersion: "/^0\\./",
automerge: false,
},
{
"groupName": "PrimeVue packages",
"groupSlug": "primevue",
"matchDatasources": [
"npm"
],
"matchPackageNames": [
"primevue",
"@primevue/*"
]
}
]
groupName: "PrimeVue packages",
groupSlug: "primevue",
matchDatasources: ["npm"],
matchPackageNames: ["primevue", "@primevue/*"],
},
],
}