|
21 | 21 | "rebaseWhen": "behind-base-branch", |
22 | 22 | "packageRules": [ |
23 | 23 | { |
24 | | - "matchCategories": [ |
25 | | - "golang" |
26 | | - ], |
27 | | - "minimumReleaseAge": "3 days" |
28 | | - }, |
29 | | - { |
30 | | - "description": "Updating Go language dependencies", |
31 | | - "matchDatasources": [ |
32 | | - "go" |
33 | | - ], |
34 | | - "matchUpdateTypes": [ |
35 | | - "major" |
36 | | - ], |
| 24 | + "description": "Go language dependencies update", |
| 25 | + "matchDatasources": ["go"], |
| 26 | + "matchUpdateTypes": ["major"], |
37 | 27 | "groupName": "Go major dependencies", |
38 | 28 | "schedule": [ |
39 | 29 | "before 10am on the first day of the month" |
40 | 30 | ] |
41 | 31 | }, |
42 | 32 | { |
43 | | - "description": "golang.org/x Package grouping", |
44 | | - "matchDatasources": [ |
45 | | - "go" |
46 | | - ], |
| 33 | + "description": "golang.org/x packages grouping", |
| 34 | + "matchDatasources": ["go"], |
| 35 | + "matchPackageNames": ["golang.org/x{/,}**"], |
47 | 36 | "groupName": "golang.org/x packages", |
48 | | - "automerge": true, |
49 | | - "matchPackageNames": [ |
50 | | - "golang.org/x{/,}**" |
51 | | - ] |
| 37 | + "automerge": true |
52 | 38 | }, |
53 | 39 | { |
54 | | - "description": "Updating GitHub Actions", |
55 | | - "matchManagers": [ |
56 | | - "github-actions" |
57 | | - ], |
| 40 | + "description": "GitHub Actions update", |
| 41 | + "matchManagers": ["github-actions"], |
58 | 42 | "groupName": "GitHub Actions", |
59 | 43 | "pinDigests": true, |
60 | 44 | "automerge": true |
61 | 45 | }, |
62 | 46 | { |
63 | | - "description": "Security updates are provided immediately.", |
64 | | - "matchUpdateTypes": [ |
65 | | - "patch" |
66 | | - ], |
67 | | - "matchDatasources": [ |
68 | | - "go" |
69 | | - ], |
| 47 | + "description": "Security patches are provided immediately", |
| 48 | + "matchUpdateTypes": ["patch"], |
| 49 | + "matchDatasources": ["go"], |
70 | 50 | "automerge": true, |
71 | | - "minimumReleaseAge": null, |
72 | | - "matchPackageNames": [ |
73 | | - "/.*/" |
74 | | - ] |
| 51 | + "minimumReleaseAge": null |
75 | 52 | }, |
76 | 53 | { |
77 | | - "description": "Vulnerable packages are given top priority.", |
78 | | - "matchDatasources": [ |
79 | | - "go" |
80 | | - ], |
81 | | - "vulnerabilityAlerts": { |
82 | | - "enabled": true, |
83 | | - "labels": [ |
84 | | - "security" |
85 | | - ], |
86 | | - "minimumReleaseAge": null, |
87 | | - "prPriority": 10 |
88 | | - } |
| 54 | + "description": "Vulnerable packages are given top priority", |
| 55 | + "matchDatasources": ["go"], |
| 56 | + "labels": ["security"], |
| 57 | + "prPriority": 10 |
89 | 58 | } |
90 | 59 | ], |
91 | | - "vulnerabilityAlerts": { |
92 | | - "enabled": true, |
93 | | - "labels": [ |
94 | | - "security" |
95 | | - ] |
96 | | - }, |
97 | 60 | "minimumReleaseAge": "3 days", |
98 | 61 | "prHourlyLimit": 2, |
99 | 62 | "ignorePaths": [ |
|
103 | 66 | "postUpdateOptions": [ |
104 | 67 | "gomodTidy", |
105 | 68 | "gomodUpdateImportPaths" |
106 | | - ] |
| 69 | + ], |
| 70 | + "osvVulnerabilityAlerts": true |
107 | 71 | } |
0 commit comments