base/dagger-ci-basics
3
Fork 0
Code Issues 1 Pull requests Projects Releases Packages 1 Wiki Activity Actions

chore: Configure Renovate - autoclosed #1

Closed
renovate-bot wants to merge 1 commit from renovate/configure into main
pull from: renovate/configure
merge into: base:main
Conversation 0 Commits 1 Files changed 1 +6
renovate-bot commented 2026-05-08 12:00:47 +02:00
Member
Copy link

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

Detected Package Files

  • demo/python/Dockerfile (dockerfile)
  • .forgejo/workflows/ci.yml (github-actions)
  • .gitlab-ci.yml (gitlabci)
  • dagger/go.mod (gomod)
  • renovate.json (renovate-config)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Remove hourly and concurrent rate limits.

What to Expect

With your current configuration, Renovate will create 10 Pull Requests:

chore(deps): pin dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Upgrade docker to sha256:d1d6d5265119696d8fa9b883f813953c560c5d87ea128a57681239b576f62997
  • Upgrade docker to sha256:685b91dca8eab7de1dce1c303dbb7a763e4082d6a60db10968adf3295fbd2495
  • Upgrade ghcr.io/astral-sh/uv to sha256:e5b65587bce7de595f299855d7385fe7fca39b8a74baa261ba1b7147afa78e58
  • Upgrade ghcr.io/catthehacker/ubuntu to sha256:7bb1efdf57163a8f145bf300b338904b26c7b4602eff08feb3481f4023f8c0b7
chore(deps): update docker docker tag to v27.2.1
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-27.2.x
  • Merge into: main
  • Upgrade docker to sha256:db7c4d6d0321c8f674c78a8d1186c8bdfc2f42909d28542a54358a426d34b25c
fix(deps): update module dagger.io/dagger to v0.20.8
  • Schedule: ["at any time"]
  • Branch name: renovate/dagger.io-dagger-0.20.x
  • Merge into: main
  • Upgrade dagger.io/dagger to 0aa0aeddc3f299a1c6853cfb9dc261151927f55c
chore(deps): update docker docker tag to v27.3.1
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-27.3.x
  • Merge into: main
  • Upgrade docker to sha256:6ca9a6811085e2cf769cbac04bc47daf66629102990391caab7cf37426e939da
chore(deps): update docker docker tag to v27.4.1
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-27.4.x
  • Merge into: main
  • Upgrade docker to sha256:3c8fb358b82767a38189e54a89a2ba8d71109f0a17efa87fd009ef8283c46df6
chore(deps): update docker docker tag to v27.5.1
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-27.5.x
  • Merge into: main
  • Upgrade docker to sha256:aa3df78ecf320f5fafdce71c659f1629e96e9de0968305fe1de670e0ca9176ce
chore(deps): update opentelemetry-go monorepo to v0.17.0
chore(deps): update opentelemetry-go monorepo to v0.18.0
chore(deps): update opentelemetry-go monorepo to v0.19.0
chore(deps): update docker docker tag to v28
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-28.x
  • Merge into: main
  • Upgrade docker to sha256:2a232a42256f70d78e3cc5d2b5d6b3276710a0de0596c145f627ecfae90282ac

Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Mend Renovate.

Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin. 🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged. 📚 See our [Reading List](https://docs.renovatebot.com/reading-list/) for relevant documentation you may be interested in reading. 🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to `renovate.json` in this branch. Renovate will update the Pull Request description the next time it runs. --- ### Detected Package Files * `demo/python/Dockerfile` (dockerfile) * `.forgejo/workflows/ci.yml` (github-actions) * `.gitlab-ci.yml` (gitlabci) * `dagger/go.mod` (gomod) * `renovate.json` (renovate-config) ### Configuration Summary Based on the default config's presets, Renovate will: - Start dependency updates only once this onboarding PR is merged - Enable Renovate Dependency Dashboard creation. - Use semantic commit type `fix` for dependencies and `chore` for all others if semantic commits are in use. - Ignore `node_modules`, `bower_components`, `vendor` and various test/tests (except for nuget) directories. - Group known monorepo packages together. - Use curated list of recommended non-monorepo package groupings. - Show only the Age and Confidence Merge Confidence badges for pull requests. - Apply crowd-sourced package replacement rules. - Apply crowd-sourced workarounds for known problems with packages. - Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff - Correctly link to the source code for golang.org/x packages - Link to pkg.go.dev/... for golang.org/x packages' title - Pin Docker digests. - Pin `github-action` digests. - Enable Renovate configuration migration PRs when needed. - Pin dependency versions for development dependencies. - Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides. - Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds. - Run lock file maintenance (updates) early Monday mornings. - Remove hourly and concurrent rate limits. --- ### What to Expect With your current configuration, Renovate will create 10 Pull Requests: <details> <summary>chore(deps): pin dependencies</summary> - Schedule: ["at any time"] - Branch name: `renovate/pin-dependencies` - Merge into: `main` - Upgrade docker to `sha256:d1d6d5265119696d8fa9b883f813953c560c5d87ea128a57681239b576f62997` - Upgrade docker to `sha256:685b91dca8eab7de1dce1c303dbb7a763e4082d6a60db10968adf3295fbd2495` - Upgrade ghcr.io/astral-sh/uv to `sha256:e5b65587bce7de595f299855d7385fe7fca39b8a74baa261ba1b7147afa78e58` - Upgrade ghcr.io/catthehacker/ubuntu to `sha256:7bb1efdf57163a8f145bf300b338904b26c7b4602eff08feb3481f4023f8c0b7` </details> <details> <summary>chore(deps): update docker docker tag to v27.2.1</summary> - Schedule: ["at any time"] - Branch name: `renovate/docker-27.2.x` - Merge into: `main` - Upgrade docker to `sha256:db7c4d6d0321c8f674c78a8d1186c8bdfc2f42909d28542a54358a426d34b25c` </details> <details> <summary>fix(deps): update module dagger.io/dagger to v0.20.8</summary> - Schedule: ["at any time"] - Branch name: `renovate/dagger.io-dagger-0.20.x` - Merge into: `main` - Upgrade [dagger.io/dagger](https://github.com/dagger/dagger-go-sdk) to `0aa0aeddc3f299a1c6853cfb9dc261151927f55c` </details> <details> <summary>chore(deps): update docker docker tag to v27.3.1</summary> - Schedule: ["at any time"] - Branch name: `renovate/docker-27.3.x` - Merge into: `main` - Upgrade docker to `sha256:6ca9a6811085e2cf769cbac04bc47daf66629102990391caab7cf37426e939da` </details> <details> <summary>chore(deps): update docker docker tag to v27.4.1</summary> - Schedule: ["at any time"] - Branch name: `renovate/docker-27.4.x` - Merge into: `main` - Upgrade docker to `sha256:3c8fb358b82767a38189e54a89a2ba8d71109f0a17efa87fd009ef8283c46df6` </details> <details> <summary>chore(deps): update docker docker tag to v27.5.1</summary> - Schedule: ["at any time"] - Branch name: `renovate/docker-27.5.x` - Merge into: `main` - Upgrade docker to `sha256:aa3df78ecf320f5fafdce71c659f1629e96e9de0968305fe1de670e0ca9176ce` </details> <details> <summary>chore(deps): update opentelemetry-go monorepo to v0.17.0</summary> - Schedule: ["at any time"] - Branch name: `renovate/minor-0.17-opentelemetry-go-monorepo` - Merge into: `main` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc](https://github.com/open-telemetry/opentelemetry-go) to `v0.17.0` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp](https://github.com/open-telemetry/opentelemetry-go) to `v0.17.0` - Upgrade [go.opentelemetry.io/otel/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.17.0` - Upgrade [go.opentelemetry.io/otel/sdk/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.17.0` </details> <details> <summary>chore(deps): update opentelemetry-go monorepo to v0.18.0</summary> - Schedule: ["at any time"] - Branch name: `renovate/minor-0.18-opentelemetry-go-monorepo` - Merge into: `main` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc](https://github.com/open-telemetry/opentelemetry-go) to `v0.18.0` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp](https://github.com/open-telemetry/opentelemetry-go) to `v0.18.0` - Upgrade [go.opentelemetry.io/otel/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.18.0` - Upgrade [go.opentelemetry.io/otel/sdk/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.18.0` </details> <details> <summary>chore(deps): update opentelemetry-go monorepo to v0.19.0</summary> - Schedule: ["at any time"] - Branch name: `renovate/minor-0.19-opentelemetry-go-monorepo` - Merge into: `main` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc](https://github.com/open-telemetry/opentelemetry-go) to `v0.19.0` - Upgrade [go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp](https://github.com/open-telemetry/opentelemetry-go) to `v0.19.0` - Upgrade [go.opentelemetry.io/otel/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.19.0` - Upgrade [go.opentelemetry.io/otel/sdk/log](https://github.com/open-telemetry/opentelemetry-go) to `v0.19.0` </details> <details> <summary>chore(deps): update docker docker tag to v28</summary> - Schedule: ["at any time"] - Branch name: `renovate/docker-28.x` - Merge into: `main` - Upgrade docker to `sha256:2a232a42256f70d78e3cc5d2b5d6b3276710a0de0596c145f627ecfae90282ac` </details> --- ❓ Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section. If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions). --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-config-hash:1413fe2bec983d609dfea14afc561bc1afbe5e567af883eea49899c87a29c4e1-->
Add renovate.json
Some checks failed
ci / smoke (push) Failing after 7s
Details
7abd67dd0b
renovate-bot changed title from chore: Configure Renovate to chore: Configure Renovate - autoclosed 2026-05-12 12:01:52 +02:00
renovate-bot closed this pull request 2026-05-12 12:01:52 +02:00
Some checks failed
ci / smoke (push) Failing after 7s
Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
base/dagger-ci-basics!1
No description provided.