98 lines
2.5 KiB
JSON
98 lines
2.5 KiB
JSON
{
|
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
|
|
"extends": [
|
|
"config:recommended",
|
|
":semanticCommits",
|
|
":separateMultipleMajorReleases",
|
|
"helpers:pinGitHubActionDigests"
|
|
],
|
|
"baseBranches": [
|
|
"development"
|
|
],
|
|
"timezone": "America/New_York",
|
|
"dependencyDashboard": true,
|
|
"prConcurrentLimit": 10,
|
|
"prHourlyLimit": 0,
|
|
"labels": [
|
|
"dependencies"
|
|
],
|
|
|
|
"rebaseWhen": "auto",
|
|
|
|
"vulnerabilityAlerts": {
|
|
"enabled": true
|
|
},
|
|
|
|
"schedule": [
|
|
"before 8am on monday"
|
|
],
|
|
|
|
"rangeStrategy": "bump",
|
|
"automerge": true,
|
|
"automergeType": "pr",
|
|
"platformAutomerge": true,
|
|
|
|
"customManagers": [
|
|
{
|
|
"customType": "regex",
|
|
"description": "Track Go dependencies patched in Dockerfile for Caddy CVE fixes",
|
|
"managerFilePatterns": [
|
|
"/^Dockerfile$/"
|
|
],
|
|
"matchStrings": [
|
|
"#\\s*renovate:\\s*datasource=go\\s+depName=(?<depName>[^\\s]+)\\s*\\n\\s*go get (?<depName2>[^@]+)@v(?<currentValue>[^\\s|]+)"
|
|
],
|
|
"datasourceTemplate": "go",
|
|
"versioningTemplate": "semver"
|
|
},
|
|
{
|
|
"customType": "regex",
|
|
"description": "Track Debian base image in Dockerfile",
|
|
"managerFilePatterns": ["/^Dockerfile$/"],
|
|
"matchStrings": [
|
|
"ARG CADDY_IMAGE=debian:(?<currentValue>[\\w.-]+)"
|
|
],
|
|
"depNameTemplate": "debian",
|
|
"datasourceTemplate": "docker"
|
|
}
|
|
],
|
|
|
|
"packageRules": [
|
|
{
|
|
"description": "THE MEGAZORD: Group ALL non-major updates (NPM, Docker, Go, Actions) into one weekly PR",
|
|
"matchPackagePatterns": ["*"],
|
|
"matchUpdateTypes": [
|
|
"minor",
|
|
"patch",
|
|
"pin",
|
|
"digest"
|
|
],
|
|
"groupName": "weekly-non-major-updates",
|
|
"automerge": true
|
|
},
|
|
{
|
|
"description": "Preserve your custom Caddy patch labels but allow them to group into the weekly PR",
|
|
"matchManagers": ["custom.regex"],
|
|
"matchFileNames": ["Dockerfile"],
|
|
"labels": ["caddy-patch", "security"],
|
|
"matchPackageNames": [
|
|
"/expr-lang/expr/",
|
|
"/quic-go/quic-go/",
|
|
"/smallstep/certificates/"
|
|
]
|
|
},
|
|
{
|
|
"description": "Docker: keep Caddy within v2 (no automatic jump to v3)",
|
|
"matchManagers": ["dockerfile"],
|
|
"matchPackageNames": ["caddy"],
|
|
"allowedVersions": "<3.0.0"
|
|
},
|
|
{
|
|
"description": "Safety: Keep MAJOR updates separate and require manual review",
|
|
"matchUpdateTypes": ["major"],
|
|
"automerge": false,
|
|
"labels": ["manual-review"]
|
|
}
|
|
]
|
|
}
|