Skip to content

Configure Renovate#149

Merged
martincostello merged 2 commits intomainfrom
renovate/configure
Aug 23, 2025
Merged

Configure Renovate#149
martincostello merged 2 commits intomainfrom
renovate/configure

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Aug 23, 2025
edited
Loading

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • .github/workflows/benchmark.yml (github-actions)
  • .github/workflows/build.yml (github-actions)
  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/lint.yml (github-actions)
  • Directory.Packages.props (nuget)
  • global.json (nuget)
  • src/DotNetBenchmarks/DotNetBenchmarks.csproj (nuget)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Hopefully safe environment variables to allow users to configure.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Update _VERSION variables in Dockerfiles.
  • Update _VERSION environment variables in GitHub Action files.
  • Require all status checks to pass before any automerging.
  • Remove hourly and concurrent rate limits.
  • Raise PR when vulnerability alerts are detected.
  • Append Signed-off-by: to signoff Git commits.
  • Upgrade to unstable versions only if the existing version is unstable.
  • Evaluate schedules according to timezone Europe/London.
  • Show all Merge Confidence badges for pull requests.
  • Run Renovate on following schedule: * 5-21 * * MON-FRI

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 3 Pull Requests:

Bump github/codeql-action digest to 51f7732
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/github-actions/github-codeql-action-digest
  • Merge into: main
  • Upgrade github/codeql-action to 51f77329afa6477de8c49fc9c7046c15b9a4e79d
Bump rhysd/actionlint Docker digest to 887a259
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/github-actions/rhysd-actionlint
  • Merge into: main
  • Upgrade rhysd/actionlint to sha256:887a259a5a534f3c4f36cb02dca341673c6089431057242cdc931e9f133147e9
Bump github/codeql-action action to v3.29.11
  • Schedule: ["* 5-21 * * MON-FRI"]
  • Branch name: renovate/github-actions/github-codeql-action-3.x
  • Merge into: main
  • Upgrade github/codeql-action to 3c3833e0f8c1c83d449a7478aa59c036a9165498

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR was generated by Mend Renovate. View the repository job log.

@renovate
Add renovate.json
085c37e 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 23, 2025
@renovate renovate bot requested a review from martincostello as a code owner August 23, 2025 13:55
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Aug 23, 2025
@martincostello
Configure Renovate
8f14bdb 
- Add `renovate.json`.
- "Disable" dependabot, but leave the configuration file in place to show to automated tools that automated dependency updates are used in case they do not recognise Renovate.
@martincostello martincostello merged commit 702e4a3 into main Aug 23, 2025
9 checks passed
@martincostello martincostello deleted the renovate/configure branch August 23, 2025 14:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@martincostello martincostello martincostello approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@martincostello