Skip to content

chore: Configure Renovate#82

Open
bootc-bot[bot] wants to merge 1 commit into
mainfrom
bootc-renovate/configure
Open

chore: Configure Renovate#82
bootc-bot[bot] wants to merge 1 commit into
mainfrom
bootc-renovate/configure

Conversation

@bootc-bot

@bootc-bot bootc-bot Bot commented Jun 26, 2026
edited
Loading

Copy link
Copy Markdown

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

Detected Package Files

  • Containerfile (dockerfile)
  • .github/workflows/ci.yaml (github-actions)
  • .github/workflows/dependabot.yml (github-actions)
  • .github/workflows/zizmor.yml (github-actions)
  • go.mod (gomod)
  • renovate.json (renovate-config)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Provide a link to octochangelog's improved breakdown for Renovate's changelogs
  • Append Signed-off-by: to signoff Git commits.
  • Group all updates together.
  • Preserve (but continue to upgrade) any existing SemVer ranges.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Provide a link to octochangelog's improved breakdown for Renovate's changelogs
  • Append Signed-off-by: to signoff Git commits.
  • Group all updates together.
  • Preserve (but continue to upgrade) any existing SemVer ranges.

What to Expect

With your current configuration, Renovate will create 3 Pull Requests:

fix(deps): update module github.com/onsi/gomega to v1.42.1
  • Schedule: ["on sunday"]
  • Branch name: bootc-renovate/all
  • Merge into: main
  • Upgrade github.com/onsi/gomega to v1.42.1
chore(deps): update actions/setup-go action to v6.5.0
  • Schedule: ["on sunday"]
  • Branch name: bootc-renovate/github-actions
  • Merge into: main
  • Upgrade actions/setup-go to 924ae3a1cded613372ab5595356fb5720e22ba16
chore(deps): update quay.io/fedora/fedora-minimal docker tag to v45
  • Schedule: ["on sunday"]
  • Branch name: bootc-renovate/docker
  • Merge into: main
  • Upgrade quay.io/fedora/fedora-minimal to 45

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Mend Renovate.

@bootc-bot
Add renovate.json
58da5e5 
Signed-off-by: bootc-bot[bot] <225049296+bootc-bot[bot]@users.noreply.github.com>
@jlebon

jlebon commented Jun 30, 2026

Copy link
Copy Markdown
Collaborator

Note to self/anyone who wants to pick this up. We should also:

  1. Disable Dependabot as part of this.
  2. Make sure there's an option equivalent to Dependabot's cooldown in effect.
  3. Figure out why it wants to update fedora-minimal to 45 and change whatever settings to not do that. F45 is not released yet.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jlebon