gitea/renovate-config
10
4
Fork 4
Code Issues 1 Pull Requests Actions Wiki Activity

Provide reusable presets for the most common dependency types in Gitea projects #97

Merged
lunny merged 5 commits from justusbunsi/renovate-config:reusable-presets into main 2023-12-26 03:11:39 +00:00
Conversation 1 Commits 5 Files Changed 5 +138
5 changed files with 138 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
README.md
View File

@ -6,3 +6,89 @@ To host the renovate config.
- `renovate.json` in this repository ensures to receive Renovate updates.
- `default.json` holds the basic config for all repositories. It extends the presets by the renovate project defined in `renovate-schema.json`.
- Each repository can extend/alter this config by adding a `renovate.json` file to the root of the repository.
## Reusable presets
### Golang dependency group
What it does:
- Groups all Golang dependencies into one PR
- Respects your repository's `separateMajorMinor` setting[^1]
- Runs `go mod tidy` before committing to ensure a clean `go.sum`[^2]
Usage:
```diff
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>gitea/renovate-config",
+ "local>gitea/renovate-config:go-deps"
]
}
```
### NPM dependency group
What it does:
- Groups all NPM dependencies[^3] into one PR
- Respects your repository's `separateMajorMinor` setting[^1]
- Groups all NPM dev-dependencies[^3] into one PR
- Respects your repository's `separateMajorMinor` setting[^1]
Usage:
```diff
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>gitea/renovate-config",
+ "local>gitea/renovate-config:npm-deps"
]
}
```
### Workflow dependency group
What it does:
- Groups all workflow dependencies into one PR
- Respects your repository's `separateMajorMinor` setting[^1]
Usage:
```diff
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>gitea/renovate-config",
+ "local>gitea/renovate-config:workflow-deps"
]
}
```
### Security fixes
What it does:
- Bumps a dependency to resolve a vulnerability[^4]
- Overrules any scheduling and grouping for that vulnerability
Usage:
```diff
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"local>gitea/renovate-config",
+ "local>gitea/renovate-config:security"
]
}
```
[^1]: [Renovate Docs: separateMajorMinor](https://docs.renovatebot.com/configuration-options/#separatemajorminor)
[^2]: [Renovate Docs: postUpdateOptions](https://docs.renovatebot.com/configuration-options/#postupdateoptions)
[^3]: [Renovate Docs: npm dependency types](https://docs.renovatebot.com/modules/manager/npm/#additional-information)
[^4]: [Renovate Docs: osv vulnerabilities](https://docs.renovatebot.com/configuration-options/#osvvulnerabilityalerts) and [Renovate Docs: vulnerabilityAlerts](https://docs.renovatebot.com/configuration-options/#vulnerabilityalerts)

15
go-deps.json Normal file
View File

@ -0,0 +1,15 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"gomod": {
"enabled": true
},
"postUpdateOptions": [
"gomodTidy"
],
"packageRules": [
{
"groupName": "Go dependencies",
"matchManagers": ["gomod"]
}
]
}

18
npm-deps.json Normal file
View File

@ -0,0 +1,18 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"npm": {
"enabled": true
},
"packageRules": [
{
"groupName": "npm dependencies",
"matchManagers": ["npm"],
"matchDepTypes": ["dependencies"]
},
{
"groupName": "npm dev-dependencies",
"matchManagers": ["npm"],
"matchDepTypes": ["devDependencies"]
}
]
}

7
security.json Normal file
View File

@ -0,0 +1,7 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"osvVulnerabilityAlerts": true,
"vulnerabilityAlerts": {
"enabled": true
}
}

12
workflow-deps.json Normal file
View File

@ -0,0 +1,12 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"github-actions": {
"enabled": true
},
"packageRules": [
{
"groupName": "workflow dependencies",
"matchManagers": ["github-actions"]
}
]
}