From 602a5fb7d988e9eec95f3d3d03d9c0ee9aca2ef5 Mon Sep 17 00:00:00 2001 From: Uruk Date: Sun, 31 Aug 2025 23:56:29 +0200 Subject: [PATCH] chore: simplify renovate configuration Streamlines dependency management by removing complex package rules and switching to best-practices preset. Key improvements: - Reduces configuration complexity from 86 to 46 lines - Enables OSV vulnerability alerts and config migration - Separates minor and patch updates for better control - Updates schedule to weekdays instead of Monday-only - Consolidates vulnerability handling into lock file maintenance section --- .github/renovate.json | 88 ++++++++++++------------------------------- 1 file changed, 24 insertions(+), 64 deletions(-) diff --git a/.github/renovate.json b/.github/renovate.json index 72ccf53c..36484231 100644 --- a/.github/renovate.json +++ b/.github/renovate.json @@ -1,86 +1,46 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "description": "Renovate configuration for Streamyfin dependency management", + "description": "Renovate configuration for Streamyfin - Expo React Native Jellyfin client", "extends": [ - "config:recommended", + "config:best-practices", ":dependencyDashboard", ":enableVulnerabilityAlertsWithLabel(security)", ":semanticCommits", ":timezone(Etc/UTC)", - "docker:enableMajor", "group:testNonMajor", "group:monorepos", "helpers:pinGitHubActionDigests", "customManagers:biomeVersions", ":automergeBranch", - ":automergeRequireAllStatusChecks", - ":automergeDigest", - ":automergePatch", - ":automergeMinor" + ":automergeRequireAllStatusChecks" ], "addLabels": ["dependencies"], "rebaseWhen": "conflicted", - "ignorePaths": ["**/bower_components/**", "**/node_modules/**"], + "ignorePaths": ["**/node_modules/**"], "ignoreUnstable": true, "minimumReleaseAge": "3 days", - "schedule": ["before 6am on Monday"], + "schedule": ["before 6am on Sunday"], "branchPrefix": "renovate/", "commitMessagePrefix": "chore(deps):", + "osvVulnerabilityAlerts": true, + "configMigration": true, + "separateMinorPatch": true, "lockFileMaintenance": { - "enabled": true, - "groupName": "lockfiles", - "schedule": ["on the first day of the month"], - "automerge": false - }, - "vulnerabilityAlerts": { - "enabled": true, - "schedule": ["at any time"], - "dependencyDashboardApproval": false - }, - "packageRules": [ - { - "description": "Add 'ci' and 'github-actions' labels to GitHub Action update PRs", - "matchManagers": ["github-actions"], - "addLabels": ["ci", "github-actions"] + "vulnerabilityAlerts": { + "enabled": true, + "addLabels": ["security", "vulnerability"], + "assigneesFromCodeOwners": true, + "commitMessageSuffix": " [SECURITY]" }, - { - "description": "Group minor and patch GitHub Action updates into a single PR", - "matchManagers": ["github-actions"], - "groupName": "CI dependencies", - "groupSlug": "ci-deps", - "matchUpdateTypes": ["minor", "patch", "digest", "pin"], - "automerge": true - }, - { - "description": "Group lock file maintenance updates", - "matchUpdateTypes": ["lockFileMaintenance"], - "dependencyDashboardApproval": true - }, - { - "description": "Handle major updates more carefully", - "matchUpdateTypes": ["major"], - "dependencyDashboardApproval": true, - "schedule": ["on the first day of the month"] - }, - { - "description": "Security updates should be prioritized", - "matchDatasources": ["npm"], - "matchUpdateTypes": ["patch"], - "matchPackageNames": ["*"], - "schedule": ["at any time"], - "automerge": true - }, - { - "description": "Group patch updates for stability", - "matchUpdateTypes": ["patch"], - "groupName": "Patch updates", - "groupSlug": "patch-updates", - "automerge": true - }, - { - "description": "Separate dev dependencies from production", - "matchDepTypes": ["devDependencies"], - "addLabels": ["dev-dependencies"] - } - ] + "packageRules": [ + { + "description": "Group minor and patch GitHub Action updates into a single PR", + "matchManagers": ["github-actions"], + "groupName": "CI dependencies", + "groupSlug": "ci-deps", + "matchUpdateTypes": ["minor", "patch", "digest", "pin"], + "automerge": true + } + ] + } }