infra/renovate-config
3
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Activity Actions

chore: Configure Renovate #1

Open
renovate-bot wants to merge 1 commit from renovate/configure into main
pull from: renovate/configure
merge into: infra:main
Conversation 0 Commits 1 Files changed 1 +6
renovate-bot commented 2026-05-06 21:42:31 +02:00
Member
Copy link

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

Detected Package Files

  • renovate.json (renovate-config)
  • kubernetes-deployment.json (regex)
  • kubernetes-deployment.json (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Remove hourly and concurrent rate limits.
  • Disable updates for local Forgejo reusable workflows (github-digest cannot resolve local repos)

What to Expect

With your current configuration, Renovate will create 2 Pull Requests:

chore(deps): update dependency helm to v4.1.4
  • Schedule: ["at any time"]
  • Branch name: renovate/patch-renovate-postupgradetask-tools
  • Merge into: main
  • Upgrade helm to v4.1.4
chore(deps): update dependency helm to v4.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/minor-4.2-renovate-postupgradetask-tools
  • Merge into: main
  • Upgrade helm to v4.2.0

Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Mend Renovate.

Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin. 🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged. 📚 See our [Reading List](https://docs.renovatebot.com/reading-list/) for relevant documentation you may be interested in reading. 🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to `renovate.json` in this branch. Renovate will update the Pull Request description the next time it runs. --- ### Detected Package Files * `renovate.json` (renovate-config) * `kubernetes-deployment.json` (regex) * `kubernetes-deployment.json` (regex) ### Configuration Summary Based on the default config's presets, Renovate will: - Start dependency updates only once this onboarding PR is merged - Enable Renovate Dependency Dashboard creation. - Use semantic commit type `fix` for dependencies and `chore` for all others if semantic commits are in use. - Ignore `node_modules`, `bower_components`, `vendor` and various test/tests (except for nuget) directories. - Group known monorepo packages together. - Use curated list of recommended non-monorepo package groupings. - Show only the Age and Confidence Merge Confidence badges for pull requests. - Apply crowd-sourced package replacement rules. - Apply crowd-sourced workarounds for known problems with packages. - Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff - Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff - Correctly link to the source code for golang.org/x packages - Link to pkg.go.dev/... for golang.org/x packages' title - Pin Docker digests. - Pin `github-action` digests. - Enable Renovate configuration migration PRs when needed. - Pin dependency versions for development dependencies. - Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides. - Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds. - Run lock file maintenance (updates) early Monday mornings. - Remove hourly and concurrent rate limits. - Disable updates for local Forgejo reusable workflows (github-digest cannot resolve local repos) --- ### What to Expect With your current configuration, Renovate will create 2 Pull Requests: <details> <summary>chore(deps): update dependency helm to v4.1.4</summary> - Schedule: ["at any time"] - Branch name: `renovate/patch-renovate-postupgradetask-tools` - Merge into: `main` - Upgrade [helm](https://github.com/helm/helm) to `v4.1.4` </details> <details> <summary>chore(deps): update dependency helm to v4.2.0</summary> - Schedule: ["at any time"] - Branch name: `renovate/minor-4.2-renovate-postupgradetask-tools` - Merge into: `main` - Upgrade [helm](https://github.com/helm/helm) to `v4.2.0` </details> --- ❓ Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section. If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions). --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-config-hash:a14c22999de798cefe7ba25f8b0088cd4d1b63aa93c2c7f7cec90b9f64b8c4a5-->
renovate-bot force-pushed renovate/configure from 5084bf1bba to f04aca66d7 2026-05-07 15:16:53 +02:00 Compare
This pull request can be merged automatically.
This branch is out-of-date with the base branch
You are not authorized to merge this pull request.
View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.
git fetch -u origin renovate/configure:renovate/configure
git switch renovate/configure

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch main
git merge --no-ff renovate/configure
git switch renovate/configure
git rebase main
git switch main
git merge --ff-only renovate/configure
git switch renovate/configure
git rebase main
git switch main
git merge --no-ff renovate/configure
git switch main
git merge --squash renovate/configure
git switch main
git merge --ff-only renovate/configure
git switch main
git merge renovate/configure
git push origin main
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
infra/renovate-config!1
No description provided.