Skip to content

Configure Renovate #411

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Aug 23, 2025
Merged

Configure Renovate #411

merged 2 commits into from
Aug 23, 2025

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 23, 2025
edited
Loading

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • .devcontainer/Dockerfile (dockerfile)
  • .github/workflows/benchmark.yml (github-actions)
  • .github/workflows/build.yml (github-actions)
  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/lint.yml (github-actions)
  • src/TodoApp/Pages/Shared/_Layout.cshtml (html)
  • src/TodoApp/wwwroot/swagger-ui/index.html (html)
  • src/TodoApp/package.json (npm)
  • global.json (nuget)
  • perf/TodoApp.Benchmarks/TodoApp.Benchmarks.csproj (nuget)
  • src/TodoApp/TodoApp.csproj (nuget)
  • tests/TodoApp.Tests/TodoApp.Tests.csproj (nuget)
  • .github/workflows/build.yml (regex)
  • .github/workflows/lint.yml (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Hopefully safe environment variables to allow users to configure.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Update _VERSION variables in Dockerfiles.
  • Update _VERSION environment variables in GitHub Action files.
  • Require all status checks to pass before any automerging.
  • Remove hourly and concurrent rate limits.
  • Raise PR when vulnerability alerts are detected.
  • Append Signed-off-by: to signoff Git commits.
  • Upgrade to unstable versions only if the existing version is unstable.
  • Evaluate schedules according to timezone Europe/London.
  • Show all Merge Confidence badges for pull requests.
  • Run Renovate on following schedule: * 5-21 * * MON-FRI

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 7 Pull Requests:

Pin mcr.microsoft.com/vscode/devcontainers/universal Docker tag to a17850c
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/dockerfile/pin-dependencies
  • Merge into: main
  • Upgrade mcr.microsoft.com/vscode/devcontainers/universal to sha256:a17850cb3c212f4ce09b895051bd219dd291cbee492e80b2f7915d2562c5c2f8
Pin dependencies
Bump openapi-dotnet monorepo to 1.6.25
Bump dependency Microsoft.Playwright to 1.54.0
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/nuget/playwright-dotnet-monorepo
  • Merge into: main
  • Upgrade Microsoft.Playwright to 1.54.0
Bump dependency Microsoft.TypeScript.MSBuild to 5.9.2
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/nuget/microsoft.typescript.msbuild-5.x
  • Merge into: main
  • Upgrade Microsoft.TypeScript.MSBuild to 5.9.2
Bump dependency NSwag.AspNetCore to 14.5.0
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/nuget/nswag-monorepo
  • Merge into: main
  • Upgrade NSwag.AspNetCore to 14.5.0
Bump dependency Microsoft.OpenApi to v2
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/nuget/major-openapi-dotnet-monorepo
  • Merge into: main
  • Upgrade Microsoft.OpenApi to 2.1.0

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR was generated by Mend Renovate. View the repository job log.

@renovate
Add renovate.json
a2846d7 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 23, 2025
@renovate renovate bot requested a review from martincostello as a code owner August 23, 2025 13:55
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 23, 2025
@martincostello
Configure Renovate
a536180 
- Add `renovate.json`.
- "Disable" dependabot, but leave the configuration file in place to show to automated tools that automated dependency updates are used in case they do not recognise Renovate.
@martincostello martincostello merged commit 7a95a79 into main Aug 23, 2025
11 checks passed
@martincostello martincostello deleted the renovate/configure branch August 23, 2025 14:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martincostello martincostello martincostello approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@martincostello