chore: Use only packages older than 24 hours (#684)

Pijukatel · web-flow · commit f7dfb499e743 · 2026-03-26T13:26:39.000+01:00
- Update Renovate and project settings to use only package versions
older than 24 hours
- Motivation is to add minimal defence to supply chain attacks.
diff --git a/pyproject.toml b/pyproject.toml
@@ -228,6 +228,10 @@ allow_population_by_field_name = true
 aliases = "datamodel_codegen_aliases.json"
 formatters = ["ruff-check", "ruff-format"]
 
+[tool.uv]
+# Minimal defense against supply-chain atatcks.
+exclude-newer = "24 hours"
+
 # Run tasks with: uv run poe <task>
 [tool.poe.tasks]
 clean = "rm -rf .coverage .pytest_cache .ruff_cache .ty_cache build dist htmlcov"
diff --git a/renovate.json b/renovate.json
@@ -21,6 +21,7 @@
             "automergeType": "branch"
         }
     ],
+    "minimumReleaseAge": "1 day",
     "schedule": ["before 7am every weekday"],
     "ignoreDeps": ["apify_client", "docusaurus-plugin-typedoc-api"]
 }
diff --git a/uv.lock b/uv.lock

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@`
`21`	`21`	`"automergeType": "branch"`
`22`	`22`	`}`
`23`	`23`	`],`
	`24`	`+ "minimumReleaseAge": "1 day",`
`24`	`25`	`"schedule": ["before 7am every weekday"],`
`25`	`26`	`"ignoreDeps": ["apify_client", "docusaurus-plugin-typedoc-api"]`
`26`	`27`	`}`