keligrubb/scrollsmith
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 113 Wiki Activity

Configure Renovate #1

Merged
keligrubb merged 1 commits from renovate/configure into main 2026-02-22 03:27:39 +00:00
Conversation 0 Commits 1 Files Changed 1 +3
renovate-bot commented 2026-02-22 02:26:01 +00:00
Collaborator
Copy Link

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • package.json (npm)
  • .woodpecker/ci.yml (woodpecker)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Group all minor and patch updates together.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 5 Pull Requests:

Pin dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Pin @eslint/js to 9.39.2
  • Upgrade curlimages/curl to sha256:d94d07ba9e7d6de898b6d96c1a072f6f8266c687af78a74f380087a0addf5d17
  • Pin eslint to 9.39.2
  • Upgrade ghcr.io/puppeteer/puppeteer to sha256:19d010877be7911acd7ad1795f603b4ca604c88c26848b81d1d9914e85a289e4
  • Pin globals to 17.0.0
  • Upgrade node to sha256:379c51ac7bbf9bffe16769cfda3eb027d59d9c66ac314383da3fcf71b46d026c
Update all non-major dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/all-minor-patch
  • Merge into: main
  • Upgrade dotenv to 17.3.1
  • Upgrade puppeteer to 24.37.4
Update eslint monorepo to v10 (major)
  • Schedule: ["at any time"]
  • Branch name: renovate/major-eslint-monorepo
  • Merge into: main
  • Upgrade @eslint/js to ^10.0.0
  • Upgrade eslint to ^10.0.0
Update Node.js to v24
  • Schedule: ["at any time"]
  • Branch name: renovate/node-24.x
  • Merge into: main
  • Upgrade node to sha256:00e9195ebd49985a6da8921f419978d85dfe354589755192dc090425ce4da2f7
Lock file maintenance
  • Schedule: ["* 0-3 * * 1"]
  • Branch name: renovate/lock-file-maintenance
  • Merge into: main
  • Regenerate lock files to use latest dependency versions

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Renovate Bot.

Welcome to [Renovate](https://github.com/renovatebot/renovate)! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin. 🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged. --- ### Detected Package Files * `package.json` (npm) * `.woodpecker/ci.yml` (woodpecker) ### Configuration Summary Based on the default config's presets, Renovate will: - Start dependency updates only once this onboarding PR is merged - Enable Renovate Dependency Dashboard creation. - Use semantic commit type `fix` for dependencies and `chore` for all others if semantic commits are in use. - Ignore `node_modules`, `bower_components`, `vendor` and various test/tests (except for nuget) directories. - Group known monorepo packages together. - Use curated list of recommended non-monorepo package groupings. - Show only the Age and Confidence Merge Confidence badges for pull requests. - Apply crowd-sourced package replacement rules. - Apply crowd-sourced workarounds for known problems with packages. - Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff - Correctly link to the source code for golang.org/x packages - Link to pkg.go.dev/... for golang.org/x packages' title - Pin Docker digests. - Pin `github-action` digests. - Enable Renovate configuration migration PRs when needed. - Pin dependency versions for development dependencies. - Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides. - Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds. - Run lock file maintenance (updates) early Monday mornings. - Group all `minor` and `patch` updates together. 🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to `renovate.json` in this branch. Renovate will update the Pull Request description the next time it runs. --- ### What to Expect With your current configuration, Renovate will create 5 Pull Requests: <details> <summary>Pin dependencies</summary> - Schedule: ["at any time"] - Branch name: `renovate/pin-dependencies` - Merge into: `main` - Pin [@eslint/js](https://github.com/eslint/eslint) to `9.39.2` - Upgrade curlimages/curl to `sha256:d94d07ba9e7d6de898b6d96c1a072f6f8266c687af78a74f380087a0addf5d17` - Pin [eslint](https://github.com/eslint/eslint) to `9.39.2` - Upgrade ghcr.io/puppeteer/puppeteer to `sha256:19d010877be7911acd7ad1795f603b4ca604c88c26848b81d1d9914e85a289e4` - Pin [globals](https://github.com/sindresorhus/globals) to `17.0.0` - Upgrade [node](https://github.com/nodejs/node) to `sha256:379c51ac7bbf9bffe16769cfda3eb027d59d9c66ac314383da3fcf71b46d026c` </details> <details> <summary>Update all non-major dependencies</summary> - Schedule: ["at any time"] - Branch name: `renovate/all-minor-patch` - Merge into: `main` - Upgrade [dotenv](https://github.com/motdotla/dotenv) to `17.3.1` - Upgrade [puppeteer](https://github.com/puppeteer/puppeteer) to `24.37.4` </details> <details> <summary>Update eslint monorepo to v10 (major)</summary> - Schedule: ["at any time"] - Branch name: `renovate/major-eslint-monorepo` - Merge into: `main` - Upgrade [@eslint/js](https://github.com/eslint/eslint) to `^10.0.0` - Upgrade [eslint](https://github.com/eslint/eslint) to `^10.0.0` </details> <details> <summary>Update Node.js to v24</summary> - Schedule: ["at any time"] - Branch name: `renovate/node-24.x` - Merge into: `main` - Upgrade [node](https://github.com/nodejs/node) to `sha256:00e9195ebd49985a6da8921f419978d85dfe354589755192dc090425ce4da2f7` </details> <details> <summary>Lock file maintenance</summary> - Schedule: ["* 0-3 * * 1"] - Branch name: `renovate/lock-file-maintenance` - Merge into: `main` - Regenerate lock files to use latest dependency versions </details> 🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for `prHourlyLimit` for details. --- ❓ Got questions? Check out Renovate's [Docs](https://docs.renovatebot.com/), particularly the Getting Started section. If you need any further assistance then you can also [request help here](https://github.com/renovatebot/renovate/discussions). --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-config-hash:94693a990c975907e7f13da3309b9d56ba02b3983519b41786edf5cf031e457c-->
renovate-bot added 1 commit 2026-02-22 02:26:01 +00:00
Add renovate.json 57e8625d1d
keligrubb force-pushed renovate/configure from 57e8625d1d to 3ef8f05e1d 2026-02-22 03:26:51 +00:00 Compare
keligrubb merged commit 5e7369cd25 into main 2026-02-22 03:27:39 +00:00
keligrubb deleted branch renovate/configure 2026-02-22 03:27:53 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
marshallgrubb renovate-bot keligrubb
No Assignees
2 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: keligrubb/scrollsmith#1
Delete Branch "renovate/configure"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?