cv/renovate.json5 at main · devtobi/cv · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "description": "Custom Renovate configuration",
  "extends": [
    // Custom Manager Presets (https://docs.renovatebot.com/presets-customManagers/)
    "customManagers:githubActionsVersions", // manages _VERSION variables in GitHub Action workflows

    // Default Presets (https://docs.renovatebot.com/presets-default/)
    ":approveMajorUpdates", // major dependency updates need to be approved via dashboard before PR is created
    ":assignAndReview(devtobi)",
    ":automergePatch",
    ":disableRateLimiting", // allows unlimited creation of PRs
    ":enableVulnerabilityAlertsWithLabel(security)", // custom label for security PRs created by Renovatebot
    ":label(dependency)", // custom label for PRs created by Renovatebot
    ":npm", // updating package.json and package-lock.json
    ":pinAllExceptPeerDependencies", // do version pinning except for peer dependencies
    ":rebaseStalePrs", // rebase Renovate PR branched when base branch is updated
    ":semanticCommits", // enabled semantic commits in PR titles
    ":separateMultipleMajorReleases", // separate major updates of dependencies into separate PRs
    ":timezone(Europe/Berlin)", // sets correct timezone for schedule based operations

    // Full Config Presets (https://docs.renovatebot.com/presets-config/)
    "config:best-practices", // enables best practices by the Renovate team

    // Helper Presets (https://docs.renovatebot.com/presets-helpers/)
    "helpers:pinGitHubActionDigestsToSemver", // enabled pinning the action digest with a semantic version comment

    // npm Presets (https://docs.renovatebot.com/presets-npm/)
    "npm:unpublishSafe", // used to make sure updates are only done after the npm package is "stable" (at least for 3 days)

    // Schedule presets (https://docs.renovatebot.com/presets-schedule/)
    "schedule:monthly", // Renovatebot will search weekly for available dependency updates

    // Security presets (https://docs.renovatebot.com/presets-security/)
    "security:openssf-scorecard" // show OpenSSF badge on pull requests to evaluate security health metrics for dependencies
  ],
  "packageRules": [
    {
      "description": "Disable automerge for patch-level updates when pre-release version",
      "matchUpdateTypes": ["patch"],
      "matchCurrentVersion": "/^0\\./",
      "automerge": false
    },
    {
      "groupName": "PrimeVue packages",
      "groupSlug": "primevue",
      "matchDatasources": [
        "npm"
      ],
      "matchPackageNames": [
        "primevue",
        "@primevue/*"
      ]
    }
  ]
}