Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure Renovate #1

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Configure Renovate #1

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Jun 3, 2023
edited
Loading

Mend Renovate

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/dependency-review.yml (github-actions)
  • .github/workflows/licensed.yml (github-actions)
  • .github/workflows/release-new-action-version.yml (github-actions)
  • .github/workflows/scorecards.yml (github-actions)
  • .github/workflows/test.yml (github-actions)
  • package.json (npm)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Show all Merge Confidence badges for pull requests.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 20 Pull Requests:

Update dependency semver to v7.5.2 [SECURITY]
  • Branch name: renovate/npm-semver-vulnerability
  • Merge into: main
  • Upgrade semver to 7.5.2
Update actions/setup-node action to v2.5.2
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-node-2.x
  • Merge into: main
  • Upgrade actions/setup-node to 7c12f8017d5436eb855f1ed4399f037a36fbd9e8
Update actions/upload-artifact action to v3.1.3
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-upload-artifact-3.x
  • Merge into: main
  • Upgrade actions/upload-artifact to a8a3f3ad30e3422c9c7b888a15615d19a852ae32
Update dependency @​actions/core to v1.10.1
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-core-1.x-lockfile
  • Merge into: main
  • Upgrade @actions/core to 1.10.1
Update dependency @​types/semver to v7.5.6
  • Schedule: ["at any time"]
  • Branch name: renovate/semver-7.x-lockfile
  • Merge into: main
  • Upgrade @types/semver to 7.5.6
Update actions/checkout action to v3.6.0
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-3.x
  • Merge into: main
  • Upgrade actions/checkout to f43a0e5ff2bd294095638e18286ca9a3d1956744
Update dependency @​octokit/plugin-rest-endpoint-methods to v7.2.3
Update dependency @​vercel/ncc to ^0.38.0
  • Schedule: ["at any time"]
  • Branch name: renovate/vercel-ncc-0.x
  • Merge into: main
  • Upgrade @vercel/ncc to ^0.38.0
Update github/codeql-action action to v2.22.11
  • Schedule: ["at any time"]
  • Branch name: renovate/github-codeql-action-2.x
  • Merge into: main
  • Upgrade github/codeql-action to 03e7845b7bfcd5e7fb63d1ae8c61b0e791134fab
Update ossf/scorecard-action action to v2.3.1
  • Schedule: ["at any time"]
  • Branch name: renovate/ossf-scorecard-action-2.x
  • Merge into: main
  • Upgrade ossf/scorecard-action to 0864cf19026789058feabb7e87baa5f140aac736
Update actions/checkout action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-4.x
  • Merge into: main
  • Upgrade actions/checkout to b4ffde65f46336ab88eb53be808477a3936bae11
  • Upgrade actions/checkout to v4
Update actions/dependency-review-action action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-dependency-review-action-3.x
  • Merge into: main
  • Upgrade actions/dependency-review-action to 01bc87099ba56df1e897b6874784491ea6309bc4
Update actions/setup-node action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-node-4.x
  • Merge into: main
  • Upgrade actions/setup-node to 8f152de45cc393bb48ce5d89d36b731f54556e65
Update actions/upload-artifact action to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-upload-artifact-4.x
  • Merge into: main
  • Upgrade actions/upload-artifact to c7d193f32edcb7bfad88892161225aeda64e9392
Update dependency @​actions/github to v6
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-github-6.x
  • Merge into: main
  • Upgrade @actions/github to ^6.0.0
Update dependency @​actions/http-client to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-http-client-2.x
  • Merge into: main
  • Upgrade @actions/http-client to ^2.0.0
Update dependency @​octokit/plugin-rest-endpoint-methods to v10
Update dependency typescript to v5
  • Schedule: ["at any time"]
  • Branch name: renovate/typescript-5.x
  • Merge into: main
  • Upgrade typescript to ^5.0.0
Update github/codeql-action action to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/github-codeql-action-3.x
  • Merge into: main
  • Upgrade github/codeql-action to b374143c1149a9115d881581d29b8390bbcbb59c
Update jest monorepo to v29 (major)
  • Schedule: ["at any time"]
  • Branch name: renovate/major-jest-monorepo
  • Merge into: main
  • Upgrade @types/jest to ^29.0.0
  • Upgrade jest to ^29.0.0
  • Upgrade jest-circus to ^29.0.0
  • Upgrade ts-jest to ^29.0.0

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

Warning

Please correct - or verify that you can safely ignore - these dependency lookup failures before you merge this PR.

  • Could not determine new digest for update (github-tags package nextlinux/harden-runner)

Files affected: .github/workflows/codeql.yml

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/configure branch from 17ee008 to 3418214 Compare December 15, 2023 11:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants