From b117d272a006f902cca69742f555a82b7d20f13a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81rp=C3=A1d=20Csepi?= Date: Mon, 29 Jun 2026 14:44:12 +0200 Subject: [PATCH 1/2] fix: renovate github action update MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Árpád Csepi --- renovate.json | 80 ++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 64 insertions(+), 16 deletions(-) diff --git a/renovate.json b/renovate.json index 9c72fcb..cd20ed1 100644 --- a/renovate.json +++ b/renovate.json @@ -9,16 +9,22 @@ "customManagers": [ { "customType": "regex", - "managerFilePatterns": ["/(^|/)Taskfile[^/]*\\.yml$/"], + "managerFilePatterns": [ + "/(^|/)Taskfile[^/]*\\.yml$/" + ], "matchStrings": [ "(?m)^\\s*#\\s*renovate:\\s*datasource=(?\\S+)\\s+depName=(?\\S+)(?:\\s+versioning=(?\\S+))?(?:\\s+registryUrl=(?\\S+))?\\s*\\r?\\n\\s*(?[A-Z0-9_]+)_VERSION:\\s+\"?(?[^\"@\\s]+)\"?\\s*$" ], "currentValueTemplate": "{{currentValue}}", - "description": ["Custom dependency manager for updating tool version defined in Taskfile."] + "description": [ + "Custom dependency manager for updating tool version defined in Taskfile." + ] }, { "customType": "regex", - "managerFilePatterns": ["/(^|/)Taskfile[^/]*\\.yml$/"], + "managerFilePatterns": [ + "/(^|/)Taskfile[^/]*\\.yml$/" + ], "matchStrings": [ "(?m)^\\s*#\\s*renovate:\\s*datasource=(?\\S+)\\s+depName=(?\\S+)(?:\\s+versioning=(?\\S+))?(?:\\s+registryUrl=(?\\S+))?\\s*\\r?\\n\\s*(?[A-Z0-9_]+)_VERSION:\\s+\"?(?:(?[^@\"\\s]+)@)?(?sha256:[a-f0-9]+)\"?\\s*$" ], @@ -36,8 +42,16 @@ "before 8am on Wednesday", "before 8am on Friday" ], - "enabledManagers": ["custom.regex", "github-actions", "npm", "nvm", "nodenv"], - "labels": ["dependencies"], + "enabledManagers": [ + "custom.regex", + "github-actions", + "npm", + "nvm", + "nodenv" + ], + "labels": [ + "dependencies" + ], "ignoreDeps": [ "@buf/agntcy_dir.bufbuild_es", "@buf/bufbuild_protovalidate.bufbuild_es", @@ -49,15 +63,23 @@ }, "packageRules": [ { - "matchUpdateTypes": ["major"], + "matchUpdateTypes": [ + "major" + ], "enabled": false, - "description": ["Ignore major dependency updates."] + "description": [ + "Ignore major dependency updates." + ] }, { "groupName": "Node", "groupSlug": "node", - "matchFileNames": ["package.json"], - "addLabels": ["dependencies"], + "matchFileNames": [ + "package.json" + ], + "addLabels": [ + "dependencies" + ], "description": [ "Add dependencies label to PRs which are related to Node dependencies.", "Group Node dependency updates in single PR." @@ -66,8 +88,12 @@ { "groupName": "Taskfile", "groupSlug": "taskfile", - "matchFileNames": ["Taskfile.*"], - "addLabels": ["build"], + "matchFileNames": [ + "Taskfile.*" + ], + "addLabels": [ + "build" + ], "description": [ "Add build label to PRs which are related to build tools defined in Taskfile.", "Group Taskfile dependency updates in single PR." @@ -76,15 +102,33 @@ { "groupName": "Github Actions", "groupSlug": "github-actions", - "matchDatasources": ["github-tags"], - "addLabels": ["ci"], + "matchManagers": [ + "github-actions" + ], + "addLabels": [ + "ci" + ], "description": [ "Add ci label to PRs which are related to Github Actions.", "Group CI dependency updates in single PR." ] }, { - "matchJsonata": ["$exists(vulnerabilityFixVersion) or isVulnerabilityAlert = true"], + "matchManagers": [ + "github-actions" + ], + "matchUpdateTypes": [ + "major" + ], + "enabled": true, + "description": [ + "Allow major GitHub Actions updates (digest + semver pin format)." + ] + }, + { + "matchJsonata": [ + "$exists(vulnerabilityFixVersion) or isVulnerabilityAlert = true" + ], "enabled": true, "description": [ "Always allow vulnerability/security fixes, even when other rules disable majors or specific dependencies." @@ -101,8 +145,12 @@ "timezone": "Etc/UTC", "vulnerabilityAlerts": { "enabled": true, - "labels": ["security"], + "labels": [ + "security" + ], "minimumReleaseAge": null, - "schedule": ["at any time"] + "schedule": [ + "at any time" + ] } } From c582cfb4f3cb63633e32ff2698910a3ade7fbcdd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81rp=C3=A1d=20Csepi?= Date: Mon, 29 Jun 2026 14:52:36 +0200 Subject: [PATCH 2/2] fix: enable major version bumps MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Árpád Csepi --- renovate.json | 23 +---------------------- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/renovate.json b/renovate.json index cd20ed1..6c0394a 100644 --- a/renovate.json +++ b/renovate.json @@ -62,15 +62,6 @@ "enabled": true }, "packageRules": [ - { - "matchUpdateTypes": [ - "major" - ], - "enabled": false, - "description": [ - "Ignore major dependency updates." - ] - }, { "groupName": "Node", "groupSlug": "node", @@ -113,25 +104,13 @@ "Group CI dependency updates in single PR." ] }, - { - "matchManagers": [ - "github-actions" - ], - "matchUpdateTypes": [ - "major" - ], - "enabled": true, - "description": [ - "Allow major GitHub Actions updates (digest + semver pin format)." - ] - }, { "matchJsonata": [ "$exists(vulnerabilityFixVersion) or isVulnerabilityAlert = true" ], "enabled": true, "description": [ - "Always allow vulnerability/security fixes, even when other rules disable majors or specific dependencies." + "Always allow vulnerability/security fixes, even when other rules disable specific dependencies." ] } ],