feat(renovate): support SHA-pinned URLs in Renovate preset#21
Merged
zeitlinger merged 1 commit intomainfrom Feb 16, 2026
Merged
feat(renovate): support SHA-pinned URLs in Renovate preset#21zeitlinger merged 1 commit intomainfrom
zeitlinger merged 1 commit intomainfrom
Conversation
Update README and Renovate shared preset to use commit SHA pinning (with version comment) instead of tag-based URLs. Signed-off-by: Gregor Zeitlinger <gregor.zeitlinger@grafana.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the flint Renovate preset to support SHA-pinned raw.githubusercontent.com URLs instead of tag-based URLs. SHA pinning provides immutability guarantees since Git commit SHAs cannot be changed, while Git tags can be force-pushed. The version information is preserved via inline comments (e.g., # v0.3.0) that Renovate can parse and update.
Changes:
- Updated Renovate regex to match SHA-pinned URLs with version comments instead of tag-based URL paths
- Updated README documentation to demonstrate SHA-pinning pattern and explain the security benefits
- Added guidance on using
git rev-parseto find commit SHAs for release tags
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| default.json | Updated custom manager regex to capture commit SHA from URL and version from comment, enabling digest-based updates |
| README.md | Updated usage examples to show SHA-pinned URLs with version comments and added explanation of SHA pinning benefits |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
zeitlinger
pushed a commit
that referenced
this pull request
Feb 16, 2026
🤖 I have created a release *beep* *boop* --- ## [0.4.0](v0.3.0...v0.4.0) (2026-02-16) ### Features * **renovate:** support SHA-pinned URLs in Renovate preset ([#21](#21)) ([4fd1f28](4fd1f28)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
zeitlinger
pushed a commit
that referenced
this pull request
Apr 13, 2026
## flint v0.20.0 — Rust rewrite flint has been rewritten from scratch in Rust. The bash + Docker stack is replaced by a fast, cross-platform native binary with no container dependency. ### Highlights - **Native binary** — no Docker, no bash wrappers; runs anywhere mise can install a Rust crate - **Parallel linting** — all checks run concurrently - **Diff-aware** — only checks files changed since the merge base by default (`--full` for everything) - **`flint update`** — migrates obsolete `mise.toml` tool keys automatically (e.g. `ubi:` → `github:`, `npm:markdownlint-cli` → `npm:markdownlint-cli2`) - **`flint hook install`** — installs a pre-commit hook without any mise task knowledge - **New linters**: `gofmt`, `google-java-format`, `ktlint`, `dotnet-format`, `markdownlint-cli2`, `xmllint` (via `cargo:xmloxide`), `license-header` (pure-Rust, no binary) - **Windows support** — ktlint self-executing JAR handled via explicit `java -jar` invocation ### Migration See [AGENTS-V2.md](https://github.com/grafana/flint/blob/main/AGENTS-V2.md) and [README.md](https://github.com/grafana/flint/blob/main/README.md) for full setup instructions. Quick reference for existing consumers: ```toml [tools] # While installing from source (pre-crates.io release): "cargo:https://github.com/grafana/flint" = "branch:main" [env] FLINT_CONFIG_DIR = ".github/config" [tasks.lint] run = "flint run" [tasks."lint:fix"] run = "flint run --fix" ``` Remove: `lint:super-linter`, `lint:links`, `lint:renovate-deps`, `setup:native-lint-tools`, `setup:pre-commit-hook` tasks. Run `flint update` to auto-migrate any obsolete tool keys. > [!NOTE] > The changelog below includes entries from the legacy v1 bash era — see [README-V1.md](https://github.com/grafana/flint/blob/main/README-V1.md) for v1 docs. --- ## [0.20.0](flint-v0.19.0...flint-v0.20.0) (2026-04-13) ### Features * add flint v2 Rust binary ([#139](#139)) ([19f2b25](19f2b25)) * add native linting mode and version mapping infrastructure ([#93](#93)) ([24b06da](24b06da)) * add Renovate shareable preset for consuming repos ([#17](#17)) ([8a06590](8a06590)) * consolidate link checking and add autofix flags ([#7](#7)) ([086a5e9](086a5e9)) * flint update command, explicit JAR flag, v0.20.0 ([#146](#146)) ([b43bf52](b43bf52)) * handle line-number anchors and issue comments globally ([#56](#56)) ([cf751df](cf751df)) * **links:** add GitHub URL remaps for line-number and fragment anchors ([#28](#28)) ([5b59065](5b59065)) * **links:** auto-remap base-branch GitHub URLs to PR branch ([#18](#18)) ([dd6cc61](dd6cc61)) * **renovate:** support SHA-pinned URLs in Renovate preset ([#21](#21)) ([4fd1f28](4fd1f28)) * **super-linter:** default to slim image ([#24](#24)) ([c8eeab8](c8eeab8)) * support NATIVE env var for container-free linting ([#107](#107)) ([0a8193d](0a8193d)) ### Bug Fixes * activate mise environment in native lint mode ([#123](#123)) ([d0fec45](d0fec45)) * add 'mise run fix' hint to lint failure output ([#90](#90)) ([5b4ad5d](5b4ad5d)) * decouple version mapping generation from pinned super-linter version ([#112](#112)) ([5370e77](5370e77)) * **deps:** update rust crate crossterm to 0.29 ([#156](#156)) ([c59ae3e](c59ae3e)) * **deps:** update rust crate similar to v3 ([#160](#160)) ([684be4e](684be4e)) * **deps:** update rust crate toml to v1 ([#161](#161)) ([3aae614](3aae614)) * **deps:** update rust crate toml_edit to 0.25 ([#158](#158)) ([42d9efd](42d9efd)) * exclude GitHub compare links from lychee checks ([#10](#10)) ([e714608](e714608)) * fail native lint when enabled tools are missing ([#111](#111)) ([163bb6b](163bb6b)) * improve link checker reliability against GitHub rate limiting ([#95](#95)) ([7a5282d](7a5282d)) * include staged files in native lint file list ([#135](#135)) ([34412d6](34412d6)) * **links:** add regex anchors to remap patterns ([#19](#19)) ([2e17348](2e17348)) * native lint in worktrees, trust toml, use ec binary, drop isort ([#134](#134)) ([8594bba](8594bba)) * **release-please:** fix footer not appearing on release PRs ([#40](#40)) ([d7a55e4](d7a55e4)) * remap same-repo GitHub URLs to local file paths ([#100](#100)) ([b4feadd](b4feadd)) * **renovate-deps:** forward GITHUB_TOKEN as GITHUB_COM_TOKEN ([#132](#132)) ([4d6510b](4d6510b)) * replace broken release-please PR comment with docs ([#12](#12)) ([817b37d](817b37d)) * run shellcheck on .bats files in native mode ([#137](#137)) ([a4fd3f8](a4fd3f8)) * strip Scroll to Text Fragment anchors in link checks ([#86](#86)) ([b630cdf](b630cdf)) * tighten markdownlint config for native mode ([#106](#106)) ([6ef25b2](6ef25b2)) * use remap instead of exclude for issue comment anchors ([#58](#58)) ([656f355](656f355)) --- > [!IMPORTANT] > Close and reopen this PR to trigger CI checks. Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
raw.githubusercontent.comURLs with version comments (e.g.,# v0.3.0)Test plan
mise.toml