-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrenovate.json
More file actions
73 lines (73 loc) · 1.69 KB
/
Copy pathrenovate.json
File metadata and controls
73 lines (73 loc) · 1.69 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
":semanticCommits",
":pinDigests",
":separatePatchReleases"
],
"schedule": [
"before 8am on Monday"
],
"timezone": "Etc/UTC",
"labels": [
"deps"
],
"prConcurrentLimit": 4,
"prHourlyLimit": 2,
"configMigration": true,
"rangeStrategy": "bump",
"lockFileMaintenance": {
"enabled": true,
"schedule": [
"before 8am on Monday"
]
},
"cargo": {
"enabled": true
},
"github-actions": {
"enabled": true,
"pinDigests": true
},
"dockerfile": {
"enabled": true,
"pinDigests": true
},
"packageRules": [
{
"description": "Group all tokio crates",
"matchManagers": ["cargo"],
"matchPackagePatterns": ["^tokio"],
"groupName": "tokio"
},
{
"description": "Group all serde crates",
"matchManagers": ["cargo"],
"matchPackagePatterns": ["^serde"],
"groupName": "serde"
},
{
"description": "Group all SunLit security crates together",
"matchManagers": ["cargo"],
"matchPackagePatterns": ["^secure_", "^security_"],
"groupName": "sunlit-security-crates"
},
{
"description": "Group GHA SHA pin updates by action family",
"matchManagers": ["github-actions"],
"groupName": "github-actions",
"automerge": false
},
{
"description": "Group cosign / sigstore tooling together",
"matchManagers": ["github-actions"],
"matchPackagePatterns": ["sigstore/", "actions/attest"],
"groupName": "sigstore-attestation"
}
],
"vulnerabilityAlerts": {
"labels": ["security"],
"enabled": true
}
}