chore: Use only packages older than 24 hours (#1822)

Pijukatel · web-flow · commit 31509e0835f0 · 2026-04-02T13:56:15.000+02:00
- Update Renovate and project settings to use only package versions older than 24 hours - Motivation is to add minimal defence to supply chain attacks. Similar to apify/apify-client-python#684
diff --git a/pyproject.toml b/pyproject.toml
@@ -272,6 +272,10 @@ exclude_lines = ["pragma: no cover", "if TYPE_CHECKING:", "assert_never()"]
 [tool.ipdb]
 context = 7
 
+[tool.uv]
+# Minimal defense against supply-chain attacks.
+exclude-newer = "24 hours"
+
 # Run tasks with: uv run poe <task>
 [tool.poe.tasks]
 clean = "rm -rf .coverage .pytest_cache .ruff_cache .ty_cache .uv-cache build coverage-unit.xml dist htmlcov website/.docusaurus website/.yarn website/module_shortcuts.json website/node_modules "
diff --git a/renovate.json b/renovate.json
@@ -21,6 +21,7 @@
             "automergeType": "branch"
         }
     ],
+    "minimumReleaseAge": "1 day",
     "schedule": ["before 7am every weekday"],
     "ignoreDeps": ["crawlee", "docusaurus-plugin-typedoc-api"]
 }

Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@`
`21`	`21`	`"automergeType": "branch"`
`22`	`22`	`}`
`23`	`23`	`],`
	`24`	`+ "minimumReleaseAge": "1 day",`
`24`	`25`	`"schedule": ["before 7am every weekday"],`
`25`	`26`	`"ignoreDeps": ["crawlee", "docusaurus-plugin-typedoc-api"]`
`26`	`27`	`}`