chore: Use only packages older than 24 hours (#849)

Pijukatel · web-flow · commit b40ad6986373 · 2026-03-30T14:07:15.000+02:00
- Update Renovate and project settings to use only package versions older than 24 hours - Motivation is to add minimal defence to supply chain attacks. Similar to apify/apify-client-python#684
diff --git a/pyproject.toml b/pyproject.toml
@@ -221,6 +221,10 @@ exclude_lines = ["pragma: no cover", "if TYPE_CHECKING:", "assert_never()"]
 [tool.ipdb]
 context = 7
 
+[tool.uv]
+# Minimal defense against supply-chain attacks.
+exclude-newer = "24 hours"
+
 # Run tasks with: uv run poe <task>
 [tool.poe.tasks]
 clean = "rm -rf .coverage .pytest_cache .ruff_cache .ty_cache build dist htmlcov"
diff --git a/renovate.json b/renovate.json
@@ -21,6 +21,7 @@
             "automergeType": "branch"
         }
     ],
+    "minimumReleaseAge": "1 day",
     "schedule": ["before 7am every weekday"],
     "ignoreDeps": ["apify", "docusaurus-plugin-typedoc-api"]
 }

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@`
`21`	`21`	`"automergeType": "branch"`
`22`	`22`	`}`
`23`	`23`	`],`
	`24`	`+ "minimumReleaseAge": "1 day",`
`24`	`25`	`"schedule": ["before 7am every weekday"],`
`25`	`26`	`"ignoreDeps": ["apify", "docusaurus-plugin-typedoc-api"]`
`26`	`27`	`}`