Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Configure Renovate #91

Merged
merged 1 commit into from
Jul 23, 2024
Merged

chore: Configure Renovate #91

merged 1 commit into from
Jul 23, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 12, 2024
edited
Loading

Mend Renovate

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • .github/workflows/alibabacloud.yml (github-actions)
  • .github/workflows/anchore.yml (github-actions)
  • .github/workflows/apisec-scan.yml (github-actions)
  • .github/workflows/aws.yml (github-actions)
  • .github/workflows/azure-container-webapp.yml (github-actions)
  • .github/workflows/azure-kubernetes-service-helm.yml (github-actions)
  • .github/workflows/azure-kubernetes-service-kompose.yml (github-actions)
  • .github/workflows/azure-kubernetes-service-kustomize.yml (github-actions)
  • .github/workflows/azure-kubernetes-service.yml (github-actions)
  • .github/workflows/azure-staticwebapp.yml (github-actions)
  • .github/workflows/azure-webapps-dotnet-core.yml (github-actions)
  • .github/workflows/azure-webapps-java-jar.yml (github-actions)
  • .github/workflows/azure-webapps-node.yml (github-actions)
  • .github/workflows/azure-webapps-php.yml (github-actions)
  • .github/workflows/azure-webapps-python.yml (github-actions)
  • .github/workflows/azure.yml (github-actions)
  • .github/workflows/brakeman.yml (github-actions)
  • .github/workflows/checkmarx.yml (github-actions)
  • .github/workflows/clj-holmes.yml (github-actions)
  • .github/workflows/clj-watson.yml (github-actions)
  • .github/workflows/codacy.yml (github-actions)
  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/codescan.yml (github-actions)
  • .github/workflows/codescaner-analysis.yml (github-actions)
  • .github/workflows/crunch42.yml (github-actions)
  • .github/workflows/datadog-synthetics.yml (github-actions)
  • .github/workflows/deno.yml (github-actions)
  • .github/workflows/dependency-review.yml (github-actions)
  • .github/workflows/detekt.yml (github-actions)
  • .github/workflows/devops-starter-workflow.yml (github-actions)
  • .github/workflows/devskim.yml (github-actions)
  • .github/workflows/docker-image.yml (github-actions)
  • .github/workflows/docker-publish.yml (github-actions)
  • .github/workflows/eslint.yml (github-actions)
  • .github/workflows/fortify.yml (github-actions)
  • .github/workflows/google-cloudrun-docker.yml (github-actions)
  • .github/workflows/google-cloudrun-source.yml (github-actions)
  • .github/workflows/google.yml (github-actions)
  • .github/workflows/googleXs.yml (github-actions)
  • .github/workflows/hadolint.yml (github-actions)
  • .github/workflows/ibm.yml (github-actions)
  • .github/workflows/jekyll.yml (github-actions)
  • .github/workflows/kubesec.yml (github-actions)
  • .github/workflows/manual.yml (github-actions)
  • .github/workflows/mayhem-for-api.yml (github-actions)
  • .github/workflows/mobsf.yml (github-actions)
  • .github/workflows/neuralegion.yml (github-actions)
  • .github/workflows/njsscan.yml (github-actions)
  • .github/workflows/node.js.yml (github-actions)
  • .github/workflows/nowsecure.yml (github-actions)
  • .github/workflows/npm-grunt.yml (github-actions)
  • .github/workflows/npm-gulp.yml (github-actions)
  • .github/workflows/npm-publish-github-packages.yml (github-actions)
  • .github/workflows/npm-publish.yml (github-actions)
  • .github/workflows/openshift.yml (github-actions)
  • .github/workflows/ossar-analysis.yml (github-actions)
  • .github/workflows/ossar.yml (github-actions)
  • .github/workflows/pmd.yml (github-actions)
  • .github/workflows/powershell.yml (github-actions)
  • .github/workflows/python-app.yml (github-actions)
  • .github/workflows/rubocop.yml (github-actions)
  • .github/workflows/rust-clippy.yml (github-actions)
  • .github/workflows/scorecards.yml (github-actions)
  • .github/workflows/securitycodescan.yml (github-actions)
  • .github/workflows/semgrep.yml (github-actions)
  • .github/workflows/snyk-container.yml (github-actions)
  • .github/workflows/snyk-infrastructure.yml (github-actions)
  • .github/workflows/sobelow.yml (github-actions)
  • .github/workflows/sonarcloud.yml (github-actions)
  • .github/workflows/stackhawk.yml (github-actions)
  • .github/workflows/synopsys-io.yml (github-actions)
  • .github/workflows/sysdig-scan.yml (github-actions)
  • .github/workflows/tencent.yml (github-actions)
  • .github/workflows/terraform.yml (github-actions)
  • .github/workflows/tfsec.yml (github-actions)
  • .github/workflows/trivy.yml (github-actions)
  • .github/workflows/veracode.yml (github-actions)
  • .github/workflows/webpack.yml (github-actions)
  • .github/workflows/xanitizer.yml (github-actions)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Show all Merge Confidence badges for pull requests.
  • Separate major versions of dependencies into individual branches/PRs.
  • Do not separate patch and minor upgrades into separate PRs for the same dependency.
  • Upgrade to unstable versions only if the existing version is unstable.
  • Raise PRs immediately (after branch is created).
  • Add the renovate/ prefix to all branch names.
  • Keep existing branches updated even when not scheduled.
  • Ignore node_modules, bower_components, vendor and various test/tests directories.
  • Update existing lock files only when package.json is modified.
  • Limit to maximum 20 open PRs at any time.
  • Group known monorepo packages together.
  • Disable major updates to @types/node.
  • Automerge digest upgrades if they pass tests.
  • Automerge patch upgrades if they pass tests.
  • Pin all dependency versions except peerDependencies.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Enable Docker major updates.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 69 Pull Requests:

chore(deps): update 42crunch/api-security-audit-action digest to 8f3291a
  • Schedule: ["at any time"]
  • Branch name: renovate/42crunch-api-security-audit-action-digest
  • Merge into: master
  • Upgrade 42Crunch/api-security-audit-action to 8f3291aee67d774baf12330d1bfe86af2c861a06
chore(deps): update anchore/scan-action digest to f7dc204
  • Schedule: ["at any time"]
  • Branch name: renovate/anchore-scan-action-digest
  • Merge into: master
  • Upgrade anchore/scan-action to f7dc2041c479f93d4c0ee20882d0c357d6006253
chore(deps): update andstor/file-existence-action digest to 31a5027
  • Schedule: ["at any time"]
  • Branch name: renovate/andstor-file-existence-action-digest
  • Merge into: master
  • Upgrade andstor/file-existence-action to 31a502724c77ada11ba0b3442e34757182ccdbd3
chore(deps): update apisec-inc/apisec-run-scan digest to 8f66ce9
  • Schedule: ["at any time"]
  • Branch name: renovate/apisec-inc-apisec-run-scan-digest
  • Merge into: master
  • Upgrade apisec-inc/apisec-run-scan to 8f66ce948afb779712a1d57ecb0a528d7ded5a45
chore(deps): update aquasecurity/trivy-action digest to d9cd5b1
  • Schedule: ["at any time"]
  • Branch name: renovate/aquasecurity-trivy-action-digest
  • Merge into: master
  • Upgrade aquasecurity/trivy-action to d9cd5b1c23aaf8cb31bb09141028215828364bbb
chore(deps): update checkmarx-ts/checkmarx-cxflow-github-action digest to 4f66c61
  • Schedule: ["at any time"]
  • Branch name: renovate/checkmarx-ts-checkmarx-cxflow-github-action-digest
  • Merge into: master
  • Upgrade checkmarx-ts/checkmarx-cxflow-github-action to 4f66c610b7514597ca12a7a89f9a9461fbfb7d6f
chore(deps): update codacy/codacy-analysis-cli-action digest to 0991600
  • Schedule: ["at any time"]
  • Branch name: renovate/codacy-codacy-analysis-cli-action-digest
  • Merge into: master
  • Upgrade codacy/codacy-analysis-cli-action to 09916000460adeeedc96b9704f86deba53e2ad5d
chore(deps): update codescan-io/codescan-scanner-action digest to 6793740
  • Schedule: ["at any time"]
  • Branch name: renovate/codescan-io-codescan-scanner-action-digest
  • Merge into: master
  • Upgrade codescan-io/codescan-scanner-action to 6793740039071596c5e9445dd60dd3825238d290
chore(deps): update datadog/synthetics-ci-github-action digest to fe4e610
  • Schedule: ["at any time"]
  • Branch name: renovate/datadog-synthetics-ci-github-action-digest
  • Merge into: master
  • Upgrade DataDog/synthetics-ci-github-action to fe4e6106a85c3439e2d90977cf4bda7f58183cd8
chore(deps): update docker/build-push-action digest to 5176d81
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-build-push-action-digest
  • Merge into: master
  • Upgrade docker/build-push-action to 5176d81f87c23d6fc96624dfdbcd9f3830bbe445
chore(deps): update docker/login-action digest to 9780b0c
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-login-action-digest
  • Merge into: master
  • Upgrade docker/login-action to 9780b0c442fbb1117ed29e0efdff1e18412f7567
chore(deps): update docker/metadata-action digest to a64d048
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-metadata-action-digest
  • Merge into: master
  • Upgrade docker/metadata-action to a64d0487d7069df33b279515d35d60fa80e2ea62
chore(deps): update docker/setup-buildx-action digest to aa33708
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-setup-buildx-action-digest
  • Merge into: master
  • Upgrade docker/setup-buildx-action to aa33708b10e362ff993539393ff100fa93ed6a27
chore(deps): update forallsecure/mapi-action digest to c31b188
  • Schedule: ["at any time"]
  • Branch name: renovate/forallsecure-mapi-action-digest
  • Merge into: master
  • Upgrade ForAllSecure/mapi-action to c31b1886401e3db6ec5c7d7d0ffa4dd6716628cf
chore(deps): update fortify/gha-export-vulnerabilities digest to d2838d7
  • Schedule: ["at any time"]
  • Branch name: renovate/fortify-gha-export-vulnerabilities-digest
  • Merge into: master
  • Upgrade fortify/gha-export-vulnerabilities to d2838d7a21c0499504efe8f384573f51bea799e0
chore(deps): update fortify/gha-setup-fod-uploader digest to e633769
  • Schedule: ["at any time"]
  • Branch name: renovate/fortify-gha-setup-fod-uploader-digest
  • Merge into: master
  • Upgrade fortify/gha-setup-fod-uploader to e633769408318bd54b9ab2a7f62bf1f39d0df835
chore(deps): update fortify/gha-setup-scancentral-client digest to f4282a5
  • Schedule: ["at any time"]
  • Branch name: renovate/fortify-gha-setup-scancentral-client-digest
  • Merge into: master
  • Upgrade fortify/gha-setup-scancentral-client to f4282a5ec53f68d2cfb4d475e87a488240527d4f
chore(deps): update mobsf/mobsfscan digest to 25184ed
  • Schedule: ["at any time"]
  • Branch name: renovate/mobsf-mobsfscan-digest
  • Merge into: master
  • Upgrade MobSF/mobsfscan to 25184ed98afa315d90f982d10a44e42c065dcebe
chore(deps): update neuralegion/run-scan digest to 5679a34
  • Schedule: ["at any time"]
  • Branch name: renovate/neuralegion-run-scan-digest
  • Merge into: master
  • Upgrade NeuraLegion/run-scan to 5679a34436d5aec3650609493882fe01439872b4
chore(deps): update nowsecure/nowsecure-action digest to 901b53b
  • Schedule: ["at any time"]
  • Branch name: renovate/nowsecure-nowsecure-action-digest
  • Merge into: master
  • Upgrade nowsecure/nowsecure-action to 901b53b55dfe9d9813e280078163629a04117269
chore(deps): update nuget/setup-nuget digest to 282df8e
  • Schedule: ["at any time"]
  • Branch name: renovate/nuget-setup-nuget-digest
  • Merge into: master
  • Upgrade nuget/setup-nuget to 282df8e76355c378ab8b4306b363073765a6cf93
chore(deps): update pmd/pmd-github-action digest to e437795
  • Schedule: ["at any time"]
  • Branch name: renovate/pmd-pmd-github-action-digest
  • Merge into: master
  • Upgrade pmd/pmd-github-action to e437795e6760134d4f306df4ab35edf298a42d70
chore(deps): update returntocorp/semgrep-action digest to 713efdd
  • Schedule: ["at any time"]
  • Branch name: renovate/returntocorp-semgrep-action-digest
  • Merge into: master
  • Upgrade returntocorp/semgrep-action to 713efdd345f3035192eaa63f56867b88e63e4e5d
chore(deps): update ruby/setup-ruby digest to 50ba338
  • Schedule: ["at any time"]
  • Branch name: renovate/ruby-setup-ruby-digest
  • Merge into: master
  • Upgrade ruby/setup-ruby to 50ba3386b050ad5b97a41fcb81240cbee1d1821f
chore(deps): update shivammathur/setup-php digest to 15b6112
  • Schedule: ["at any time"]
  • Branch name: renovate/shivammathur-setup-php-digest
  • Merge into: master
  • Upgrade shivammathur/setup-php to 15b611248c3d140461e97b2eb10de461ca9ec5a3
chore(deps): update sigstore/cosign-installer digest to cc23fe1
  • Schedule: ["at any time"]
  • Branch name: renovate/sigstore-cosign-installer-digest
  • Merge into: master
  • Upgrade sigstore/cosign-installer to cc23fe1cf04164ea4c208611cf647a013c6f8cc5
chore(deps): update snyk/actions digest to 640e317
  • Schedule: ["at any time"]
  • Branch name: renovate/snyk-actions-digest
  • Merge into: master
  • Upgrade snyk/actions to 640e31719aac3e44867d239dc86c20c3e34c8e4f
chore(deps): update sonarsource/sonarcloud-github-action digest to b7cc8bf
  • Schedule: ["at any time"]
  • Branch name: renovate/sonarsource-sonarcloud-github-action-digest
  • Merge into: master
  • Upgrade SonarSource/sonarcloud-github-action to b7cc8bf2004f4a9ef190137d8831630e9ae5d2e7
chore(deps): update stackhawk/hawkscan-action digest to babdc51
  • Schedule: ["at any time"]
  • Branch name: renovate/stackhawk-hawkscan-action-digest
  • Merge into: master
  • Upgrade stackhawk/hawkscan-action to babdc51d04a845402d5d5b3e0ca1a67d89bbf2c5
chore(deps): update synopsys-sig/intelligent-security-scan digest to 667da39
  • Schedule: ["at any time"]
  • Branch name: renovate/synopsys-sig-intelligent-security-scan-digest
  • Merge into: master
  • Upgrade synopsys-sig/intelligent-security-scan to 667da3979ed7f1bed7342ade0e15f27b628e7eb7
chore(deps): update sysdiglabs/scan-action digest to fe4881d
  • Schedule: ["at any time"]
  • Branch name: renovate/sysdiglabs-scan-action-digest
  • Merge into: master
  • Upgrade sysdiglabs/scan-action to fe4881d7888fd10dab6b0c88f2904d68fd83d57a
chore(deps): update veracode/veracode-pipeline-scan-results-to-sarif digest to 6a1ca6e
  • Schedule: ["at any time"]
  • Branch name: renovate/veracode-veracode-pipeline-scan-results-to-sarif-digest
  • Merge into: master
  • Upgrade veracode/veracode-pipeline-scan-results-to-sarif to 6a1ca6ebb21c9ec0cfca69987bf320a936b0577d
chore(deps): update actions/upload-artifact action to v3.1.3
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-upload-artifact-3.1.x
  • Merge into: master
  • Upgrade actions/upload-artifact to a8a3f3ad30e3422c9c7b888a15615d19a852ae32
chore(deps): update github/codeql-action action to v2.20.4
  • Schedule: ["at any time"]
  • Branch name: renovate/github-codeql-action-2.20.x
  • Merge into: master
  • Upgrade github/codeql-action to 489225d82a57396c6f426a40e66d461b16b3461d
chore(deps): update microsoft/setup-msbuild action to v1.3.3
  • Schedule: ["at any time"]
  • Branch name: renovate/microsoft-setup-msbuild-1.3.x
  • Merge into: master
  • Upgrade microsoft/setup-msbuild to v1.3.3
chore(deps): update actions/checkout action to v3.6.0
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-3.x
  • Merge into: master
  • Upgrade actions/checkout to f43a0e5ff2bd294095638e18286ca9a3d1956744
chore(deps): update actions/setup-java action to v3.13.0
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-java-3.x
  • Merge into: master
  • Upgrade actions/setup-java to v3.13.0
chore(deps): update actions/setup-python action to v4.8.0
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-python-4.x
  • Merge into: master
  • Upgrade actions/setup-python to v4.8.0
chore(deps): update azure/login action to v1.6.1
  • Schedule: ["at any time"]
  • Branch name: renovate/azure-login-1.x
  • Merge into: master
  • Upgrade azure/login to v1.6.1
chore(deps): update github/codeql-action action to v2.25.13
  • Schedule: ["at any time"]
  • Branch name: renovate/github-codeql-action-2.x
  • Merge into: master
  • Upgrade github/codeql-action to 563dcafdfe28a0bb82e2c272d84924f17b628540
chore(deps): update ossf/scorecard-action action to v2.3.3
  • Schedule: ["at any time"]
  • Branch name: renovate/ossf-scorecard-action-2.x
  • Merge into: master
  • Upgrade ossf/scorecard-action to dc50aa9510b46c811795eb24b2f1ba02a914e534
chore(deps): update actions/cache action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-cache-4.x
  • Merge into: master
  • Upgrade actions/cache to v4
chore(deps): update actions/checkout action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-4.x
  • Merge into: master
  • Upgrade actions/checkout to v4
  • Upgrade actions/checkout to 692973e3d937129bcbf40652eb9f2f61becf3332
chore(deps): update actions/dependency-review-action action to v4
chore(deps): update actions/download-artifact action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-download-artifact-4.x
  • Merge into: master
  • Upgrade actions/download-artifact to v4
chore(deps): update actions/github-script action to v7
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-github-script-7.x
  • Merge into: master
  • Upgrade actions/github-script to v7
chore(deps): update actions/setup-dotnet action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-dotnet-4.x
  • Merge into: master
  • Upgrade actions/setup-dotnet to v4
chore(deps): update actions/setup-java action to v4
chore(deps): update actions/setup-node action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-node-4.x
  • Merge into: master
  • Upgrade actions/setup-node to v4
chore(deps): update actions/setup-python action to v5
chore(deps): update actions/upload-artifact action to v4
chore(deps): update aws-actions/amazon-ecr-login action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/aws-actions-amazon-ecr-login-2.x
  • Merge into: master
  • Upgrade aws-actions/amazon-ecr-login to v2
chore(deps): update aws-actions/configure-aws-credentials action to v4
chore(deps): update azure/arm-deploy action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/azure-arm-deploy-2.x
  • Merge into: master
  • Upgrade azure/arm-deploy to v2
chore(deps): update azure/docker-login action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/azure-docker-login-2.x
  • Merge into: master
  • Upgrade azure/docker-login to v2
chore(deps): update azure/login action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/azure-login-2.x
  • Merge into: master
  • Upgrade azure/login to v2
  • Upgrade azure/login to v2.1.1
chore(deps): update azure/webapps-deploy action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/azure-webapps-deploy-3.x
  • Merge into: master
  • Upgrade azure/webapps-deploy to v3
chore(deps): update codecov/codecov-action action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/codecov-codecov-action-4.x
  • Merge into: master
  • Upgrade codecov/codecov-action to v4
chore(deps): update dependency ubuntu to v22
  • Schedule: ["at any time"]
  • Branch name: renovate/ubuntu-22.x
  • Merge into: master
  • Upgrade ubuntu to 22.04
chore(deps): update docker/build-push-action action to v6
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-build-push-action-6.x
  • Merge into: master
  • Upgrade docker/build-push-action to v6
chore(deps): update docker/login-action action to v3
chore(deps): update docker/setup-buildx-action action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-setup-buildx-action-3.x
  • Merge into: master
  • Upgrade docker/setup-buildx-action to v3
chore(deps): update github/codeql-action action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/github-codeql-action-3.x
  • Merge into: master
  • Upgrade github/codeql-action to v3
  • Upgrade github/codeql-action to 2d790406f505036ef40ecba973cc774a50395aac
chore(deps): update google-github-actions/auth action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/google-github-actions-auth-2.x
  • Merge into: master
  • Upgrade google-github-actions/auth to v2
chore(deps): update google-github-actions/deploy-cloudrun action to v2
chore(deps): update google-github-actions/get-gke-credentials action to v2
chore(deps): update google-github-actions/setup-gcloud action to v2
chore(deps): update hashicorp/setup-terraform action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/hashicorp-setup-terraform-3.x
  • Merge into: master
  • Upgrade hashicorp/setup-terraform to v3
chore(deps): update microsoft/setup-msbuild action to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/microsoft-setup-msbuild-2.x
  • Merge into: master
  • Upgrade microsoft/setup-msbuild to v2.0.0

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR was generated by Mend Renovate. View the repository job log.

@classicvalues classicvalues merged commit a3866aa into master Jul 23, 2024
34 of 85 checks passed
@classicvalues classicvalues deleted the renovate/configure branch July 23, 2024 04:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependency-update
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@classicvalues