feat: add Renovate + Claude AI triage pipeline#19
Conversation
- .github/renovate.json5 — monthly dependency updates across workspace root and all apps/ with 14-day minimumReleaseAge supply-chain protection - .github/workflows/renovate.yml — GitHub Actions runner (2nd of month, 05:00 UTC) - .github/labeler.yml — component path mapping for renovate-review skill - .claude/skills/renovate-review/SKILL.md — Claude skill that triages each Renovate PR for breaking changes, dead deps, and deprecated configs before merge - .gitignore — allow .claude/skills/renovate-review/SKILL.md into version control Requires RENOVATE_TOKEN secret (GitHub PAT with repo + workflow scopes). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
|
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (5)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including ⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Snyk Security ScanCommit: Open Source DependenciesStatus: PASS — no vulnerabilities at or above threshold. Snyk Code (SAST)Status: FAIL — 23 issues found.
3 additional findings omitted. |
Summary
renovate-reviewskill that triages each Renovate PR for breaking changes, dead deps, and deprecated configs.gitignoreto allow the skill file into version controlFiles
.github/renovate.json5.github/workflows/renovate.ymlRENOVATE_TOKENsecret.github/labeler.yml.claude/skills/renovate-review/SKILL.md.gitignore.claude/skills/renovate-review/SKILL.mdfrom the existing.claude/*ignore ruleSetup required before this workflow runs
RENOVATE_TOKENsecret in GitHub → Settings → Secrets → Actions (GitHub PAT withrepo+workflowscopes)Test plan
RENOVATE_TOKENsecret to the repo[RENOVATE]prefixed titles/renovate-review <PR number>in Claude Code against one of the opened PRs🤖 Generated with Claude Code