Add Renovate configuration for automated dependency management

[Erwan-loot]

Introduce Renovate configuration files to automate dependency updates and management, enhancing project maintenance and security.

Before merging ensure you have a finegrained token named RENOVATE_TOKEN in your secrets with theses permissions
docs.renovatebot.com/modules/platform/github#permissions

Summary by CodeRabbit

• Chores
  • Added an automated dependency-update workflow that runs weekly and can be triggered on demand.
  • Creates consistent dependency-update PRs with standardized labels and commit-message suffixes to simplify triage.
  • Added a Renovate configuration schema to establish update behavior.
  • Reduces manual maintenance effort and improves dependency update cadence.

[coderabbitai]

Walkthrough

Adds a new GitHub Actions workflow .github/workflows/renovate.yml to run Renovate on schedule and via manual dispatch, and adds a minimal renovate.json containing only the Renovate JSON schema declaration.

Changes

Cohort / File(s)	Summary
Renovate workflow ​.github/workflows/renovate.yml	New workflow triggered by workflow_dispatch (debug input) and cron (Mondays 00:00). Job renovate runs on ubuntu-latest, checks out the repo (actions/[email protected]) and runs renovatebot/[email protected] with token and environment variables: LOG_LEVEL (from debug), RENOVATE_REPOSITORIES (current repo), RENOVATE_COMMIT_MESSAGE_SUFFIX (conditional using currentDigestShort or currentVersion), RENOVATE_LABELS, RENOVATE_DEPENDENCY_DASHBOARD_LABELS, RENOVATE_EXTENDS, and RENOVATE_PLATFORM.
Renovate config schema renovate.json	New file added containing only the $schema property pointing to the Renovate configuration schema URL; no additional Renovate rules or settings included.

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor Dev as Developer
  participant GH as GitHub Actions
  participant Repo as Repository
  participant Renovate as Renovate Action
  participant GHAPI as GitHub API

  rect rgb(240,248,255)
    note over Dev,GH: Triggers
    Dev->>GH: workflow_dispatch (optional debug) or cron (Mon 00:00)
  end

  GH->>Repo: actions/[email protected]
  GH->>Renovate: renovatebot/[email protected]\n(env: LOG_LEVEL, RENOVATE_REPOSITORIES, RENOVATE_COMMIT_MESSAGE_SUFFIX, RENOVATE_LABELS, RENOVATE_DEPENDENCY_DASHBOARD_LABELS, RENOVATE_EXTENDS, RENOVATE_PLATFORM)
  Renovate->>GHAPI: Inspect repo & dependencies
  alt Updates found
    Renovate->>GHAPI: Create/Update PRs (labels: dependencies)
  else No updates
    Renovate-->>GH: Exit successfully
  end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

Hop! At midnight I wake to scan the beds,
I twitch my nose and tidy up the threads.
A labeled PR, a carrot-shaped clue,
Schema set, small fixes hopping through.
Thump-thump—merge dreams nibble true. 🥕

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title clearly states that Renovate configuration is being added to enable automated dependency management, matching the primary change of introducing workflow and configuration files for Renovate.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a1c38a1 and 7c4ce20.

📒 Files selected for processing (2)

• .github/workflows/renovate.yml (1 hunks)
• renovate.json (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Lint, test, and build the code (ubuntu-24.04, linux/amd64)
• GitHub Check: Lint, test, and build the code (ubuntu-24.04-arm, linux/arm64)

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e0afd8d and 8a52497.

📒 Files selected for processing (1)

• .github/workflows/renovate.yml (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)

• GitHub Check: Lint, test, and build the code (ubuntu-24.04, linux/amd64)
• GitHub Check: Lint, test, and build the code (ubuntu-24.04-arm, linux/arm64)