|
8 | 8 | { |
9 | 9 | "groupName": "{{manager}} dependencies", |
10 | 10 | "groupSlug": "{{manager}}", |
11 | | - "separateMajorMinor": false, |
| 11 | + "separateMajorMinor": true, |
| 12 | + // This is the default but is later disabled by a higher priority package rule |
| 13 | + // for major updates. |
12 | 14 | "automerge": true, |
13 | 15 | "matchPackageNames": [ |
14 | 16 | "*" |
15 | 17 | ] |
16 | 18 | }, |
| 19 | + // Enable `go mod tidy` post step in gomod updates. Note that this step is always skipped for |
| 20 | + // majors per Renovate design. |
17 | 21 | { |
18 | 22 | "matchManagers": ["gomod"], |
19 | 23 | "postUpdateOptions": ["gomodTidy"] |
20 | 24 | }, |
| 25 | + // React updates. |
21 | 26 | { |
22 | 27 | "matchPackageNames": ["next", "react", "react-*", "@types/react", "@types/react-*", "eslint", "eslint-config-next"], |
23 | 28 | "matchManagers": ["npm"], |
24 | 29 | "matchUpdateTypes": ["major"], |
25 | 30 | "enabled": false |
26 | 31 | }, |
| 32 | + // Docker compose updates |
27 | 33 | { |
28 | 34 | "matchPackageNames": ["ghcr.io/peerdb-io/**"], |
29 | 35 | "matchManagers": ["docker-compose"], |
30 | 36 | "matchUpdateTypes": ["pinDigest"], |
31 | 37 | "matchFileNames": ["docker-compose.yml"], |
32 | 38 | "enabled": false |
33 | 39 | }, |
| 40 | + // Disable updates on generated and dependencies without explicit versions in their life cycles. |
| 41 | + // Disabled updates means that Renovate will not proactively propose changes for these dependencies |
| 42 | + // but its reliance on go MVS might generate update PRs with updates on these if transitively required. |
| 43 | + // For pinned versions, this requires `exclude` rules in `go.mod` files. |
34 | 44 | { |
35 | 45 | "matchManagers": ["gomod"], |
36 | 46 | "matchPackageNames": [ |
|
41 | 51 | ], |
42 | 52 | "enabled": false |
43 | 53 | }, |
| 54 | + // Explicit versions exclusions for pinned go dependencies, as in the previous rule, this doesn't |
| 55 | + // prevent updates if transitively required but it prevents proactive updates. |
44 | 56 | { |
45 | 57 | "matchManagers": ["gomod"], |
46 | 58 | "matchPackageNames": ["cloud.google.com/go/bigquery"], |
|
65 | 77 | "matchManagers": ["gomod"], |
66 | 78 | "matchPackageNames": ["github.com/tikv/pd/client"], |
67 | 79 | "allowedVersions": "v0.0.0-20251229071808-6173d50c004c" |
| 80 | + }, |
| 81 | + // This package rule instruct renovate to require approval from |
| 82 | + // the dependency dashboard before proposing major upgrades. |
| 83 | + // This sets a default is approval mindset for automatic proposals. |
| 84 | + { |
| 85 | + "matchUpdateTypes": [ |
| 86 | + "major" |
| 87 | + ], |
| 88 | + "dependencyDashboardApproval": true, |
| 89 | + "automerge": false |
68 | 90 | } |
69 | 91 | ], |
70 | 92 | "vulnerabilityAlerts": { |
|
0 commit comments