Skip to content

chore: Configure Renovate#19

Merged
outscale-rce merged 2 commits into
masterfrom
renovate/configure
Jul 13, 2026
Merged

chore: Configure Renovate#19
outscale-rce merged 2 commits into
masterfrom
renovate/configure

Conversation

@Open-Source-Bot

Copy link
Copy Markdown
Contributor

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch. Renovate will update the Pull Request description the next time it runs.


Detected Package Files

  • Dockerfile (dockerfile)
  • .github/workflows/cred-scan.yml (github-actions)
  • .github/workflows/github-sanity-scan.yml (github-actions)
  • .github/renovate.json5 (renovate-config)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Provide a link to octochangelog's improved breakdown for Renovate's changelogs
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Run Renovate on following schedule: * 22-23,0-6 * * , * * * 0,6

What to Expect

With your current configuration, Renovate will create 4 Pull Requests:

⬆️ deps(github-actions): pin dependencies
  • Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
  • Branch name: renovate/pin-dependencies
  • Merge into: master
  • Upgrade actions/checkout to ee0669bd1cc54295c223e0bb666b733df41de1c5
  • Upgrade outscale-dev/cred-scan to 36ef82cc690d72a17bf0993ab323961f1b1f9c66
  • Upgrade outscale/github-sanity-scan to 380a9927b4be45d9c4f6f66a4e8dfd7cf7b18513
  • Upgrade python to sha256:eedf63967cdb57d8214db38ce21f105003ed4e4d0358f02bedc057341bcf92a0
⬆️ deps(dockerfile): update python docker tag to v3.14
  • Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
  • Branch name: renovate/python-3.x
  • Merge into: master
  • Upgrade python to sha256:09b29c360b84742bf98eba40b214f7f6b4b53286bb2c8a8b5b1afa188a8d9c0e
⬆️ deps(github-actions): update actions/checkout action to v7
  • Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
  • Branch name: renovate/actions-checkout-7.x
  • Merge into: master
  • Upgrade actions/checkout to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
⬆️ deps(github-actions): update dependency ubuntu to v24
  • Schedule: ["* 22-23,0-6 * * "," * * * 0,6"]
  • Branch name: renovate/ubuntu-24.x
  • Merge into: master
  • Upgrade ubuntu to 24.04

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.


❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.


This PR has been generated by Mend Renovate.

@outscale-rce
outscale-rce merged commit fe7e868 into master Jul 13, 2026
2 checks passed
@outscale-rce
outscale-rce deleted the renovate/configure branch July 13, 2026 15:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Development

Successfully merging this pull request may close these issues.

2 participants