ivuorinen/renovate-config
1
0
Fork 0
mirror of https://github.com/ivuorinen/renovate-config.git synced 2026-03-12 19:01:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: overhaul renovate preset config, docs, and tooling

Browse Source 
- Switch schema to renovate-global-schema.json
- Remove redundant/deprecated settings and presets
- Add Makefile custom manager for tool version tracking
- Add package groups: illuminate, semantic-release, stylelint,
  tailwind, vite, vue, development tools
- Add check-jsonschema pre-commit hook
- Add .gitignore and CLAUDE.md
- Rewrite README with comprehensive preset documentation
This commit is contained in:
Ismo Vuorinen
2026-03-07 20:03:31 +02:00
parent f06decb65f
commit d76f1d3d49
5 changed files with 291 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
README.md
View File

@@ -1,25 +1,13 @@
# Renovate configs
# Renovate Config
[Renovate](https://github.com/renovatebot/renovate) is a tool for automating
dependency updates. This repository contains my personal
Renovate configuration.
Shared [Renovate](https://github.com/renovatebot/renovate) preset configuration
for repositories managed by **ivuorinen**. Other repos consume this preset via
their Renovate config, so changes here propagate automatically to every
repository that extends it.
This configuration and Renovate creates a single issue in the repository for
tracking all dependency updates. Renovate will automatically update the
issue with new updates and you can force creation and rerunning of the
Renovate bot by checking list items in the issue.
## Usage
Updates to the configuration are automatically applied to all repositories
that use this configuration. If you want to use this configuration in your
projects you can do so by extending this configuration in your own
in `.github/renovate.json` file.
Please see Renovate configuration documentation to see how you can
extend this configuration to suit your needs.
## Basic usage:
Create a file to `.github/renovate.json` with the following content:
Create `.github/renovate.json` in your repository:
```json
{
@@ -28,6 +16,168 @@ Create a file to `.github/renovate.json` with the following content:
}
```
See [Renovate Docs: Shareable Config Presets](https://docs.renovatebot.com/config-presets/)
for more on how shared presets work.
## Extends
This preset inherits from the following built-in Renovate presets:
| Preset | Description |
|--------|-------------|
| `config:recommended` | Renovate's recommended base configuration |
| `:enableVulnerabilityAlerts` | Create PRs for known security vulnerabilities |
| `:labels(dependencies)` | Add `dependencies` label to all PRs |
| `:preserveSemverRanges` | Keep existing semver range syntax when updating |
| `:semanticCommits` | Use conventional commit messages (`chore(deps):`) |
| `:timezone(Europe/Helsinki)` | Schedule evaluation in Europe/Helsinki timezone |
| `docker:enableMajor` | Enable major version updates for Docker |
| `helpers:pinGitHubActionDigests` | Pin GitHub Actions to full SHA digests |
| `security:minimumReleaseAgeNpm` | Require a minimum release age for npm packages |
| `schedule:nonOfficeHours` | Run Renovate outside office hours |
## Key settings
| Setting | Value | Description |
|---------|-------|-------------|
| `assigneesFromCodeOwners` | `true` | Assign PRs to CODEOWNERS |
| `automergeStrategy` | `squash` | Squash-merge automerged PRs |
| `commitBody` | `Signed-off-by: {{{gitAuthor}}}` | DCO sign-off in commit body |
| `commitMessageAction` | `update` | Use "update" as the commit action verb |
| `commitMessageExtra` | `({{currentVersion}} -> {{newVersion}})` | Show version range in commits |
| `dependencyDashboardLabels` | `["no-stale"]` | Prevent stale-bot from closing the dashboard |
| `dependencyDashboardOSVVulnerabilitySummary` | `unresolved` | Show unresolved OSV vulnerabilities |
| `dependencyDashboardTitle` | `Renovate Dashboard` | Custom dashboard issue title |
| `onboardingConfigFileName` | `.github/renovate.json` | Default onboarding config path |
| `prHourlyLimit` | `5` | Max 5 PRs created per hour |
| `reviewersFromCodeOwners` | `true` | Request reviews from CODEOWNERS |
| `separateMultipleMajor` | `true` | Create separate PRs for each major version bump |
## Custom managers
### Dockerfile
Extracts versions from `ENV` variables and `FROM` lines in Dockerfiles using
[regex manager](https://docs.renovatebot.com/modules/manager/regex/).
**Patterns matched:**
```dockerfile
# ENV with inline datasource comment
ENV TOOL_VERSION=1.2.3 # github-releases/owner/repo
# Standard FROM line
FROM node:20-alpine
```
Regex (applied with `matchStringsStrategy: "any"`):
```
ENV [A-Z]+_VERSION=(?<currentValue>.*) # (?<datasource>.*?)/(?<depName>.*?)(\&versioning=(?<versioning>.*))?\s
FROM (?<depName>\S*):(?<currentValue>\S*)
```
### Makefile
Tracks tool versions in Makefiles via `# renovate:` comments using
[regex manager](https://docs.renovatebot.com/modules/manager/regex/).
Files matched: `Makefile`, `*.mk`
**Pattern matched:**
```makefile
# renovate: datasource=go depName=github.com/goreleaser/goreleaser/v2
GORELEASER_VERSION := v2.14.1
```
Regex:
```
#\s*renovate:\s*datasource=(?<datasource>\S+)\s+depName=(?<depName>\S+)\n[A-Z_]+\s*:?=\s*(?<currentValue>v?\d+\.\d+\.\d+\S*)
```
The `datasource` and `depName` are captured from the comment, and
`currentValue` from the variable assignment. Uses `semver` versioning.
## Package rules
### Automerge and labeling
| Rule | Matches | Effect |
|------|---------|--------|
| Major commit prefix | `matchUpdateTypes: ["major"]` | `chore(deps)!:` prefix, `type/major` label |
| Automerge non-major | `matchUpdateTypes: ["minor", "patch", "digest"]` | Automerge via branch strategy |
| Minor label | `matchUpdateTypes: ["minor"]` | `type/minor` label |
| Patch label | `matchUpdateTypes: ["patch"]` | `type/patch` label |
| Digest label | `matchUpdateTypes: ["digest"]` | `type/digest` label |
### Datasource labels and commit topics
| Datasource / Manager | Label | Commit topic |
|-----------------------|-------|--------------|
| `docker` | `renovate/container` | `image {{depName}}` |
| `helm` | `renovate/helm` | `chart {{depName}}` |
| `galaxy`, `galaxy-collection` | `renovate/ansible` | - |
| `terraform-provider` | `renovate/terraform` | - |
| `github-releases`, `github-tags` | `renovate/github-release` | - |
| `github-actions` (manager) | `renovate/github-action` | scope: `actions` |
| `pypi` | `renovate/pip` | - |
### Dependency groups
Related packages are grouped into single PRs:
| Group name | Match criteria |
|------------|----------------|
| devDependencies (non-major) | `matchDepTypes: ["devDependencies"]`, minor/patch only |
| development tools | `matchFileNames: ["Makefile", "**/*.mk"]`, custom.regex manager |
| eslint | Package names matching `/eslint/` |
| illuminate | Package names matching `/illuminate/` |
| phpstan | Package names matching `/phpstan/` or `/larastan/` |
| semantic-release | Package names matching `/semantic-release/` |
| stylelint | Package names matching `/stylelint/` |
| tailwind | Package names matching `/tailwind/` |
| vite | Package names matching `/vite/` |
| vue | Package names matching `/vue/` |
## Post-update options
Lock file maintenance after dependency updates:
| Option | Description |
|--------|-------------|
| `bundlerConservative` | Conservative Bundler updates |
| `composerWithAll` | Run `composer update` with `--with-all-dependencies` |
| `gomodUpdateImportPaths` | Update Go import paths on major updates |
| `npmDedupe` | Run `npm dedupe` after updates |
| `pnpmDedupe` | Run `pnpm dedupe` after updates |
| `yarnDedupeHighest` | Run `yarn dedupe --strategy highest` after updates |
## Other configuration
| Setting | Value | Description |
|---------|-------|-------------|
| `digest.enabled` | `false` | Digest-only updates disabled |
| `git-submodules.enabled` | `true` | Track git submodule updates |
| `pre-commit.enabled` | `true` | Update pre-commit hook versions |
| `ignorePaths` | `**/*.sops.*`, `**/.archive/**`, `**/testdata/**` | Skip encrypted, archived, and test fixture files |
## Validation
Run the pre-commit hooks to validate `default.json`:
```sh
pre-commit run --all-files
```
This executes:
- **`pretty-format-json`** -- ensures consistent JSON formatting
- **`renovate-config-validator --strict`** -- Renovate's own config validation
- **`check-renovate`** -- JSON Schema validation against `renovate-global-schema.json`
- Standard checks (trailing whitespace, end-of-file fixer, etc.)
## License
[MIT](LICENSE)