diff --git a/.github/renovate.json b/.github/renovate.json index 4381f6ca..0518e8cf 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,18 +1,58 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "config:base", + "config:recommended", ":dependencyDashboard", ":disableRateLimiting", ":pinOnlyDevDependencies", "npm:unpublishSafe", "docker:pinDigests", - "helpers:pinGitHubActionDigests" + "helpers:pinGitHubActionDigests", + "security:openssf-scorecard" + ], + "ignorePresets": [ + ":semanticPrefixFixDepsChoreOthers", + "group:semantic-releaseMonorepo", + "group:commitlintMonorepo" ], "schedule": ["before 5am every weekday", "every weekend"], "lockFileMaintenance": { "enabled": true, "automerge": true }, "labels": ["dependencies"], + "osvVulnerabilityAlerts": true, "packageRules": [ + { + "matchPackagePatterns": ["*"], + "semanticCommitType": "chore" + }, + { + "matchDepTypes": ["dependencies"], + "semanticCommitType": "build" + }, + { + "matchDepTypes": ["action"], + "semanticCommitType": "ci", + "semanticCommitScope": "action" + }, + + { + "extends": ["monorepo:semantic-release"], + "groupName": "semantic-release related packages", + "matchUpdateTypes": ["digest", "patch", "minor", "major"] + }, + { + "extends": ["monorepo:commitlint"], + "groupName": "semantic-release related packages", + "matchUpdateTypes": ["digest", "patch", "minor", "major"] + }, + { + "matchPackagePatterns": [ + "@insurgentlab/conventional-changelog-preset", + "@insurgentlab/commitlint-config" + ], + "groupName": "semantic-release related packages", + "matchUpdateTypes": ["digest", "patch", "minor", "major"] + }, + { "extends": ["packages:linters"], "groupName": "linters", @@ -23,15 +63,11 @@ "groupName": "tests", "addLabels": ["tests"] }, + { "matchDepTypes": ["devDependencies"], "matchUpdateTypes": ["minor", "patch"], "automerge": true - }, - { - "matchDepTypes": ["action"], - "semanticCommitType": "ci", - "semanticCommitScope": "action" } ] }