Configure Renovate

[escargatoiresnailbot]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• docker-compose.yml (docker-compose)
• Dockerfile.bot (dockerfile)
• Dockerfile.web (dockerfile)
• .github/workflows/docker-build-bot.yml (github-actions)
• .github/workflows/docker-build-web.yml (github-actions)
• requirements.txt (pip_requirements)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for development dependencies.
• Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
• Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
• Run lock file maintenance (updates) early Monday mornings.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 13 Pull Requests:

Pin dependencies

• Schedule: ["at any time"]
• Branch name: renovate/pin-dependencies
• Merge into: main
• Upgrade cloudflare/cloudflared to sha256:6b599ca3e974349ead3286d178da61d291961182ec3fe9c505e1dd02c8ac31b0
• Upgrade containrrr/watchtower to sha256:6dd50763bbd632a83cb154d5451700530d1e44200b268a4e9488fefdfcf2b038
• Upgrade ghcr.io/nelsondane/sponsors-bot to sha256:34aaa93b97f2675095379554215717f0f81b6002782a9370693c38f19653521e
• Upgrade ghcr.io/nelsondane/sponsors-bot-web to sha256:7972372a50c1ff0374174e802f0cd9c18294c8d6675bcaaf98dbb25228541922
• Upgrade postgres to sha256:2cd82735a36356842d5eb1ef80db3ae8f1154172f0f653db48fde079b2a0b7f7
• Upgrade python to sha256:180806b5499ba41dc14891070f4e58cec5e361fc1d33f8c7a2d29ab433d22b4e

Update NelsonDane/Custom-GitHub-Actions digest to b1f8f69

• Schedule: ["at any time"]
• Branch name: renovate/all-digest
• Merge into: main
• Upgrade NelsonDane/Custom-GitHub-Actions to b1f8f69f32ea50a482e2eac5da4af4013ac6c6ee

Update dependency flask to v3.1.3

• Schedule: ["at any time"]
• Branch name: renovate/flask-3.x
• Merge into: main
• Upgrade flask to ==3.1.3

Update dependency psycopg2 to v2.9.11

• Schedule: ["at any time"]
• Branch name: renovate/psycopg2-2.x
• Merge into: main
• Upgrade psycopg2 to ==2.9.11

Update dependency PyYAML to v6.0.3

• Schedule: ["at any time"]
• Branch name: renovate/pyyaml-6.x
• Merge into: main
• Upgrade PyYAML to ==6.0.3

Update dependency requests to v2.32.5

• Schedule: ["at any time"]
• Branch name: renovate/requests-2.x
• Merge into: main
• Upgrade requests to ==2.32.5

Update dependency discord.py to v2.7.1

• Schedule: ["at any time"]
• Branch name: renovate/discord.py-2.x
• Merge into: main
• Upgrade discord.py to ==2.7.1

Update dependency emoji to v2.15.0

• Schedule: ["at any time"]
• Branch name: renovate/emoji-2.x
• Merge into: main
• Upgrade emoji to ==2.15.0

Update dependency python-dotenv to v1.2.2

• Schedule: ["at any time"]
• Branch name: renovate/python-dotenv-1.x
• Merge into: main
• Upgrade python-dotenv to ==1.2.2

Update dependency setuptools to v80.10.2

• Schedule: ["at any time"]
• Branch name: renovate/setuptools-80.x
• Merge into: main
• Upgrade setuptools to ==80.10.2

Update python Docker tag to v3.14

• Schedule: ["at any time"]
• Branch name: renovate/python-3.x
• Merge into: main
• Upgrade python to sha256:61346539f7b26521a230e72c11da5ebd872924745074b19736e7d65ba748c366

Update dependency setuptools to v82

• Schedule: ["at any time"]
• Branch name: renovate/setuptools-82.x
• Merge into: main
• Upgrade setuptools to ==82.0.1

Update postgres Docker tag to v18

• Schedule: ["at any time"]
• Branch name: renovate/postgres-18.x
• Merge into: main
• Upgrade postgres to sha256:69e8582b781cb44fa4557b98ed586fe68361e320d9b12f9707494335634f4f3d

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.