Skip to content

chore: Configure Renovate - autoclosed#1

Closed
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/configure
Closed

chore: Configure Renovate - autoclosed#1
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/configure

Conversation

@renovate

@renovate renovate Bot commented Oct 6, 2025

Copy link
Copy Markdown
Contributor

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.


Detected Package Files

  • .github/workflows/pr.yml (github-actions)
  • .github/workflows/release.yml (github-actions)
  • package.json (npm)
  • packages/cli/package.json (npm)
  • packages/content-loader/package.json (npm)
  • packages/core/package.json (npm)
  • packages/mcp-server/package.json (npm)
  • pnpm-workspace.yaml (npm)
  • renovate.json (renovate-config)
  • tsconfig.base.json (regex)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Hopefully safe environment variables to allow users to configure.
  • Show all Merge Confidence badges for pull requests.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from Forgejo contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from Gitea contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitHub.com and Github enterprise contains a link to the commit-to-commit diff
  • Ensure that every dependency pinned by digest and sourced from GitLab.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Pin github-action digests.
  • Run Renovate on following schedule: before 10am on Saturday

What to Expect

With your current configuration, Renovate will create 28 Pull Requests:

chore(deps): update dependency js-yaml to v4.1.1 [security]
  • Branch name: renovate/npm-js-yaml-vulnerability
  • Merge into: main
  • Upgrade js-yaml to 4.1.1
fix(deps): update dependency tar to v7.5.11 [security]
  • Branch name: renovate/npm-tar-vulnerability
  • Merge into: main
  • Upgrade tar to 7.5.11
chore(deps): update dependency @​modelcontextprotocol/sdk to v1.26.0 [security]
  • Branch name: renovate/npm-modelcontextprotocol-sdk-vulnerability
  • Merge into: main
  • Upgrade @modelcontextprotocol/sdk to 1.26.0
chore(deps): update dependency simple-git to v3.36.0 [security]
  • Branch name: renovate/npm-simple-git-vulnerability
  • Merge into: main
  • Upgrade simple-git to 3.36.0
chore(deps): update dependency turbo to v2.9.14 [security]
  • Branch name: renovate/npm-turbo-vulnerability
  • Merge into: main
  • Upgrade turbo to 2.9.14
chore(deps): pin dependencies
chore(deps): replace dependency @​tsconfig/node22 with @tsconfig/node24
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/tsconfig-node22-replacement
  • Merge into: main
  • Upgrade @tsconfig/node22 to 24
  • Upgrade @tsconfig/node22 to 24.0.0
fix(deps): pin dependencies
chore(deps): update dev tooling (low risk)
chore(deps): update dependency @​modelcontextprotocol/inspector to v0.21.2
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/modelcontextprotocol-inspector-0.x
  • Merge into: main
  • Upgrade @modelcontextprotocol/inspector to 0.21.2
chore(deps): update dependency lint-staged to ^16.4.0
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/lint-staged-16.x
  • Merge into: main
  • Upgrade lint-staged to ^16.4.0
chore(deps): update dependency oxlint to v1.66.0
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/oxlint-monorepo
  • Merge into: main
  • Upgrade oxlint to 1.66.0
chore(deps): update pnpm to v10.33.4
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/pnpm-10.x
  • Merge into: main
  • Upgrade pnpm to 10.33.4
chore(deps): update typescript-eslint monorepo to ^8.55.0
chore(deps): update actions/checkout action to v6
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/actions-checkout-6.x
  • Merge into: main
  • Upgrade actions/checkout to de0fac2e4500dabe0009e67214ff5f5447ce83dd
chore(deps): update actions/setup-node action to v6
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/actions-setup-node-6.x
  • Merge into: main
  • Upgrade actions/setup-node to 48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e
chore(deps): update dependency lint-staged to v17
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/lint-staged-17.x
  • Merge into: main
  • Upgrade lint-staged to ^17.0.0
chore(deps): update dependency node to v24
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/node-24.x
  • Merge into: main
  • Upgrade node to 24
chore(deps): update dependency ora to v9
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/ora-9.x
  • Merge into: main
  • Upgrade ora to ^9.0.0
chore(deps): update dependency typescript to v6
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/typescript-6.x
  • Merge into: main
  • Upgrade typescript to ^6.0.0
chore(deps): update eslint monorepo to v10
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/major-eslint-monorepo
  • Merge into: main
  • Upgrade @eslint/js to ^10.0.0
  • Upgrade eslint to ^10.0.0
chore(deps): update pnpm to v11
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/pnpm-11.x
  • Merge into: main
  • Upgrade pnpm to 11.3.0
chore(deps): update pnpm/action-setup action to v6
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/pnpm-action-setup-6.x
  • Merge into: main
  • Upgrade pnpm/action-setup to 0e279bb959325dab635dd2c09392533439d90093
chore(deps): update softprops/action-gh-release action to v3
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/softprops-action-gh-release-3.x
  • Merge into: main
  • Upgrade softprops/action-gh-release to b4309332981a82ec1c5618f44dd2e27cc8bfbfda
chore(deps): update tibdex/github-app-token action to v2
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/tibdex-github-app-token-2.x
  • Merge into: main
  • Upgrade tibdex/github-app-token to 3beb63f4bd073e61482598c45c71c1019b59b73a
chore(deps): update vitest monorepo to v4
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/major-vitest-monorepo
  • Merge into: main
  • Upgrade @vitest/coverage-v8 to ^4.0.0
  • Upgrade vitest to ^4.0.0
fix(deps): update dependency commander to v14
  • Schedule: ["before 10am on Saturday"]
  • Branch name: renovate/commander-14.x
  • Merge into: main
  • Upgrade commander to ^14.0.0
chore(deps): lock file maintenance
  • Schedule: ["* 0-3 * * 1"]
  • Branch name: renovate/lock-file-maintenance
  • Merge into: main
  • Regenerate lock files to use latest dependency versions

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.


This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot force-pushed the renovate/configure branch from e004a2c to 6cf15b0 Compare May 27, 2026 12:08
@renovate renovate Bot changed the title chore: Configure Renovate chore: Configure Renovate - autoclosed May 27, 2026
@renovate renovate Bot closed this May 27, 2026
@renovate renovate Bot deleted the renovate/configure branch May 27, 2026 15:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants