Skip to content

chore: Configure Renovate#43

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/configure
Open

chore: Configure Renovate#43
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/configure

Conversation

@renovate

@renovate renovate Bot commented Apr 15, 2026

Copy link
Copy Markdown

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.


Detected Package Files

  • docker-compose.mtls.yml (docker-compose)
  • docker-compose.tls.yml (docker-compose)
  • docker-compose.yml (docker-compose)
  • Dockerfile (dockerfile)
  • .github/workflows/ci.yml (github-actions)
  • .github/workflows/codeql.yml (github-actions)
  • .github/workflows/contribution-policy.yml (github-actions)
  • .github/workflows/nightly.yml (github-actions)
  • .github/workflows/release.yml (github-actions)
  • .github/workflows/scorecard.yml (github-actions)
  • go.mod (gomod)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Hopefully safe environment variables to allow users to configure.
  • Show all Merge Confidence badges for pull requests.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Provide a link to octochangelog's improved breakdown for Renovate's changelogs

What to Expect

With your current configuration, Renovate will create 20 Pull Requests:

chore(deps): update actions/checkout action to v6.0.3
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-6.x
  • Merge into: main
  • Upgrade actions/checkout to df4cb1c069e1874edd31b4311f1884172cec0e10
chore(deps): update actions/upload-artifact action to v7.0.1
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-upload-artifact-7.x
  • Merge into: main
  • Upgrade actions/upload-artifact to 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
chore(deps): update codecov/codecov-action action to v6.0.2
  • Schedule: ["at any time"]
  • Branch name: renovate/codecov-codecov-action-6.x
  • Merge into: main
  • Upgrade codecov/codecov-action to fb8b3582c8e4def4969c97caa2f19720cb33a72f
chore(deps): update sigstore/cosign-installer action to v4.1.2
  • Schedule: ["at any time"]
  • Branch name: renovate/sigstore-cosign-installer-4.x
  • Merge into: main
  • Upgrade sigstore/cosign-installer to 6f9f17788090df1f26f669e9d70d6ae9567deba6
chore(deps): update actions/setup-go action to v6.5.0
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-setup-go-6.x
  • Merge into: main
  • Upgrade actions/setup-go to 924ae3a1cded613372ab5595356fb5720e22ba16
chore(deps): update alpine docker tag to v3.24
  • Schedule: ["at any time"]
  • Branch name: renovate/alpine-3.x
  • Merge into: main
  • Upgrade alpine to sha256:28bd5fe8b56d1bd048e5babf5b10710ebe0bae67db86916198a6eec434943f8b
chore(deps): update docker/build-push-action action to v7.3.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-build-push-action-7.x
  • Merge into: main
  • Upgrade docker/build-push-action to 53b7df96c91f9c12dcc8a07bcb9ccacbed38856a
chore(deps): update docker/login-action action to v4.4.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-login-action-4.x
  • Merge into: main
  • Upgrade docker/login-action to af1e73f918a031802d376d3c8bbc3fe56130a9b0
chore(deps): update docker/metadata-action action to v6.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-metadata-action-6.x
  • Merge into: main
  • Upgrade docker/metadata-action to dc802804100637a589fabce1cb79ff13a1411302
chore(deps): update docker/setup-buildx-action action to v4.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-setup-buildx-action-4.x
  • Merge into: main
  • Upgrade docker/setup-buildx-action to bb05f3f5519dd87d3ba754cc423b652a5edd6d2c
chore(deps): update docker/setup-qemu-action action to v4.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-setup-qemu-action-4.x
  • Merge into: main
  • Upgrade docker/setup-qemu-action to 96fe6ef7f33517b61c61be40b68a1882f3264fb8
chore(deps): update go toolchain directive to v1.26.4
  • Schedule: ["at any time"]
  • Branch name: renovate/go-1.x
  • Merge into: main
  • Upgrade go to 1.26.4
chore(deps): update golang docker tag to v1.26
  • Schedule: ["at any time"]
  • Branch name: renovate/golang-1.x
  • Merge into: main
  • Upgrade golang to sha256:3ad57304ad93bbec8548a0437ad9e06a455660655d9af011d58b993f6f615648
chore(deps): update securego/gosec action to v2.27.1
  • Schedule: ["at any time"]
  • Branch name: renovate/securego-gosec-2.x
  • Merge into: main
  • Upgrade securego/gosec to 9e6a9843d7a4a6e3e9a8539b02612c8a4aa3f889
fix(deps): update module github.com/spiffe/go-spiffe/v2 to v2.8.1
  • Schedule: ["at any time"]
  • Branch name: renovate/github.com-spiffe-go-spiffe-v2-2.x
  • Merge into: main
  • Upgrade github.com/spiffe/go-spiffe/v2 to v2.8.1
fix(deps): update module golang.org/x/crypto to v0.53.0
  • Schedule: ["at any time"]
  • Branch name: renovate/golang.org-x-crypto-0.x
  • Merge into: main
  • Upgrade golang.org/x/crypto to v0.53.0
fix(deps): update module modernc.org/sqlite to v1.53.0
  • Schedule: ["at any time"]
  • Branch name: renovate/modernc.org-sqlite-1.x
  • Merge into: main
  • Upgrade modernc.org/sqlite to v1.53.0
chore(deps): update actions/checkout action to v7
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-checkout-7.x
  • Merge into: main
  • Upgrade actions/checkout to 9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
chore(deps): update actions/dependency-review-action action to v5
  • Schedule: ["at any time"]
  • Branch name: renovate/actions-dependency-review-action-5.x
  • Merge into: main
  • Upgrade actions/dependency-review-action to a1d282b36b6f3519aa1f3fc636f609c47dddb294
chore(deps): update codecov/codecov-action action to v7
  • Schedule: ["at any time"]
  • Branch name: renovate/codecov-codecov-action-7.x
  • Merge into: main
  • Upgrade codecov/codecov-action to fb8b3582c8e4def4969c97caa2f19720cb33a72f

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.


❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.


This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from devonartis as a code owner April 15, 2026 22:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants