-
Notifications
You must be signed in to change notification settings - Fork 198
Expand file tree
/
Copy pathrenovate.json5
More file actions
109 lines (109 loc) · 3.48 KB
/
Copy pathrenovate.json5
File metadata and controls
109 lines (109 loc) · 3.48 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>PeerDB-io/.github:renovate-config",
":preserveSemverRanges"
],
"packageRules": [
{
"groupName": "{{manager}} dependencies",
"groupSlug": "{{manager}}",
"separateMajorMinor": true,
// This is the default but is later disabled by a higher priority package rule
// for major updates.
"automerge": true,
"matchPackageNames": [
"*"
]
},
// Enable `go mod tidy` post step in gomod updates. Note that this step is always skipped for
// majors per Renovate design.
{
"matchManagers": ["gomod"],
"postUpdateOptions": ["gomodTidy"]
},
// React updates.
{
"matchPackageNames": ["next", "react", "react-*", "@types/react", "@types/react-*", "eslint", "eslint-config-next"],
"matchManagers": ["npm"],
"matchUpdateTypes": ["major"],
"enabled": false
},
// Docker compose updates
{
"matchPackageNames": ["ghcr.io/peerdb-io/**"],
"matchManagers": ["docker-compose"],
"matchUpdateTypes": ["pinDigest"],
"matchFileNames": ["docker-compose.yml"],
"enabled": false
},
// Disable updates on generated and dependencies without explicit versions in their life cycles.
// Disabled updates means that Renovate will not proactively propose changes for these dependencies
// but its reliance on go MVS might generate update PRs with updates on these if transitively required.
// For pinned versions, this requires `exclude` rules in `go.mod` files.
{
"matchManagers": ["gomod"],
"matchPackageNames": [
"github.com/PeerDB-io/peerdb/flow/generated/**",
"github.com/pingcap/tidb",
"github.com/pingcap/tidb/pkg/parser",
"github.com/aws/aws-sdk-go-v2/feature/s3/manager"
],
"enabled": false
},
// Explicit versions exclusions for pinned go dependencies, as in the previous rule, this doesn't
// prevent updates if transitively required but it prevents proactive updates.
{
"matchManagers": ["gomod"],
"matchPackageNames": ["cloud.google.com/go/bigquery"],
"allowedVersions": "v1.72.0"
},
{
"matchManagers": ["gomod"],
"matchPackageNames": ["cloud.google.com/go/pubsub/v2"],
"allowedVersions": "v2.3.0"
},
{
"matchManagers": ["gomod"],
"matchPackageNames": ["github.com/aws/aws-sdk-go-v2/feature/s3/manager"],
"allowedVersions": "v1.21.0"
},
{
"matchManagers": ["gomod"],
"matchPackageNames": ["google.golang.org/api"],
"allowedVersions": "v0.257.0"
},
{
"matchManagers": ["gomod"],
"matchPackageNames": ["github.com/tikv/pd/client"],
"allowedVersions": "v0.0.0-20251229071808-6173d50c004c"
},
{
"matchManagers": ["gomod"],
"matchPackageNames": ["github.com/jackc/pgx/v5"],
"allowedVersions": "v5.9.1"
},
// This package rule instruct renovate to require approval from
// the dependency dashboard before proposing major upgrades.
// This sets a default is approval mindset for automatic proposals.
{
"matchUpdateTypes": [
"major"
],
"dependencyDashboardApproval": true,
"automerge": false
}
],
"vulnerabilityAlerts": {
"enabled": true
},
"timezone": "Etc/UTC",
"schedule": [
"after 5pm on monday"
],
"additionalReviewers": [
"team:eng"
],
"prConcurrentLimit": 8,
"minimumReleaseAge": "7 days"
}