Solo icon indicating copy to clipboard operation
Solo copied to clipboard
verified publisher icon TryGhost

Configure Renovate

Open renovate[bot] opened this issue 3 years ago • 0 comments

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • package.json (npm)
  • renovate.json (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Hopefully safe environment variables to allow users to configure.
  • Show all Merge Confidence badges for pull requests.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Enable Renovate Dependency Dashboard creation.
  • Remove hourly and concurrent rate limits.
  • Run lock file maintenance (updates) early Monday mornings.
  • Disable semantic prefixes for commit messages and PR titles.
  • Pin dependency versions where depType=dependencies. Usually applies only to non-dev dependencies in package.json.
  • Pin dependency versions for development dependencies.
  • Group all Vite related packages together.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Base configuration rules with quiet automerging
  • Default preset that extends quiet configuration

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 3 Pull Requests:

Update dependency beeper to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/beeper-3.x
  • Merge into: main
  • Upgrade beeper to 3.0.0
Update dependency gulp-zip to v6
  • Schedule: ["at any time"]
  • Branch name: renovate/gulp-zip-6.x
  • Merge into: main
  • Upgrade gulp-zip to 6.1.0
Lock file maintenance
  • Schedule: ["* 0-3 * * 1"]
  • Branch name: renovate/lock-file-maintenance
  • Merge into: main
  • Regenerate lock files to use latest dependency versions

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.

This PR was generated by Mend Renovate. View the repository job log.

renovate[bot] avatar Sep 12 '22 11:09 renovate[bot]