-
-
Notifications
You must be signed in to change notification settings - Fork 697
Expand file tree
/
Copy pathrenovate.json
More file actions
52 lines (52 loc) · 1.59 KB
/
renovate.json
File metadata and controls
52 lines (52 loc) · 1.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"dependencyDashboard": true,
"dependencyDashboardTitle": "Renovate(bot) : dependency dashboard",
"vulnerabilityAlerts": {
"enabled": true
},
"extends": [
"config:best-practices",
"helpers:pinGitHubActionDigests",
"schedule:weekly"
],
"recreateWhen": "always",
"packageRules": [
{
"matchPackageNames": ["*"],
"groupName": "all dependencies",
"groupSlug": "all"
},
{
"description": "Run pin updates immediately, outside of weekly schedule",
"matchUpdateTypes": ["pin"],
"schedule": ["at any time"]
},
{
"description": "Skip digest pinning for bare branch refs - these cannot be pinned reliably",
"matchPackageNames": ["ccojocar/barry", "securego/gosec"],
"matchManagers": ["github-actions"],
"pinDigests": false
},
{
"description": "Enable vulnerability alerts for indirect Go dependencies",
"matchDepTypes": ["indirect"],
"matchManagers": ["gomod"],
"enabled": true,
"vulnerabilityAlerts": {
"enabled": true
}
}
],
"lockFileMaintenance": {
"commitMessageAction": "Update",
"enabled": true,
"schedule": ["before 3am on monday"],
"branchPrefix": "renovate/"
},
"postUpdateOptions": [
"gomodTidy",
"gomodUpdateImportPaths"
],
"separateMajorMinor": false
}