Skip to content
/ renovate-config Public

Adopt config:best-practices as Renovate base preset#11

Open
ErisDS wants to merge 1 commit intomainfrom
chore/renovate-best-practices-base
Open

Adopt config:best-practices as Renovate base preset#11
ErisDS wants to merge 1 commit intomainfrom
chore/renovate-best-practices-base

Conversation

@ErisDS
Copy link
Member

@ErisDS ErisDS commented Mar 2, 2026

Summary

  • switch quiet.json5 base preset from config:recommended to config:best-practices
  • keep maintainLockFilesWeekly and security:minimumReleaseAgeNpm explicitly listed with comments as critical safeguards

Why

This keeps Ghost-specific behavior while inheriting Renovate’s broader best-practice baseline and makes the two critical safety protections explicit and durable in our shared preset.

@ErisDS
Adopt config:best-practices as shared Renovate base
2b38afb 
Switch the shared preset baseline from config:recommended to config:best-practices while preserving existing Ghost-specific behavior. Keep lockfile maintenance and minimum release age explicitly listed with comments so these safeguards remain visible and intentional.
@coderabbitai
Copy link

coderabbitai bot commented Mar 2, 2026
edited
Loading

Walkthrough

The quiet.json5 configuration file was updated to replace config:recommended with config:best-practices in the extends array. The maintainLockFilesWeekly entry was removed and then reintroduced with expanded explanatory comments. Comments were also updated to correct terminology (vite → Vite) and document safeguards associated with the new best-practices configuration. The net change is 8 lines added and 8 lines removed.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and concisely describes the main change: adopting config:best-practices as the Renovate base preset.
Description check ✅ Passed The description clearly explains the changes and their rationale, directly relating to the modifications shown in the pull request.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch chore/renovate-best-practices-base

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Mar 2, 2026
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (1)
quiet.json5 (1)

5-6: Appropriate adoption of config:best-practices.

The config:best-practices preset includes the Renovate maintainers' upgrade best practices and extends config:recommended with additional presets including security:minimumReleaseAgeNpm and :maintainLockFilesWeekly.

Note: config:best-practices already includes :pinDevDependencies, which is also explicitly listed at line 15. This redundancy is harmless (Renovate handles idempotent presets), but you may want to remove the explicit :pinDevDependencies at line 15 for consistency—unless you intentionally keep it for visibility like the other two safeguards.

🤖 Prompt for AI Agents 
Verify each finding against the current code and only fix it if needed.

In `@quiet.json5` around lines 5 - 6, The config:best-practices preset already
includes :pinDevDependencies, so in quiet.json5 remove the redundant explicit
":pinDevDependencies" entry to avoid duplication (or if you intended to keep it
for visibility, add a comment explaining that choice); update the presets array
to only list "config:best-practices" (and any other presets you intentionally
want) and ensure the symbol ":pinDevDependencies" is not repeated elsewhere in
the file.
🤖 Prompt for all review comments with AI agents 
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@quiet.json5`:
- Around line 5-6: The config:best-practices preset already includes
:pinDevDependencies, so in quiet.json5 remove the redundant explicit
":pinDevDependencies" entry to avoid duplication (or if you intended to keep it
for visibility, add a comment explaining that choice); update the presets array
to only list "config:best-practices" (and any other presets you intentionally
want) and ensure the symbol ":pinDevDependencies" is not repeated elsewhere in
the file.
ℹ️ Review info

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 71f05eb and 2b38afb.

📒 Files selected for processing (1)
  • quiet.json5

@ErisDS ErisDS mentioned this pull request Mar 2, 2026
Closed
@jloh
Copy link
Member

jloh commented Mar 3, 2026

LGTM 🎉 Since we'll be pinning GHA workflows now, is it worth adding an automerge rule for trusted (official/our own) GHA changes? Will keep noise lower I think. Happy to PR this myself.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@ErisDS @jloh