feat: enhance Renovate configuration with automerge and grouping rules

Improves dependency management automation by enabling automerge for patches, minors, and CI dependencies while adding comprehensive package grouping rules. Adds vulnerability alerts with immediate scheduling and configures minimum release age for stability. Groups related packages like React ecosystem and build tools for better organization. Includes enhanced scheduling with weekly updates and monthly major version reviews requiring dashboard approval for safety.
2026-03-09 11:16:17 +00:00 · 2025-08-30 03:05:26 +02:00
parent f7b0bf34a7
commit 6de1cdad50
1 changed files with 58 additions and 5 deletions
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,6 +1,6 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "description": "Default Renovate preset for Streamyfin repositories",
+  "description": "Renovate configuration for Streamyfin dependency management",
  "extends": [
    "config:base",
    ":dependencyDashboard",
@@ -11,18 +11,32 @@
    "group:testNonMajor",
    "group:monorepos",
    "helpers:pinGitHubActionDigests",
-    ":pinDigests",
-    "customManagers:biomeVersions"
+    "customManagers:biomeVersions",
+    ":automergeBranch",
+    ":automergeRequireAllStatusChecks",
+    ":automergeDigest",
+    ":automergePatch",
+    ":automergeMinor"
  ],
  "addLabels": ["dependencies"],
  "rebaseWhen": "conflicted",
-  "ignorePaths": ["**/bower_components/**"],
+  "ignorePaths": ["**/bower_components/**", "**/node_modules/**"],
+  "ignoreUnstable": true,
+  "minimumReleaseAge": "3 days",
+  "schedule": ["before 6am on Monday"],
+  "branchPrefix": "renovate/",
+  "commitMessagePrefix": "⬆️ ",
  "lockFileMaintenance": {
    "enabled": true,
    "groupName": "lockfiles",
    "schedule": ["on the first day of the month"],
    "automerge": false
  },
+  "vulnerabilityAlerts": {
+    "enabled": true,
+    "schedule": ["at any time"],
+    "dependencyDashboardApproval": false
+  },
  "packageRules": [
    {
      "description": "Add 'ci' and 'github-actions' labels to GitHub Action update PRs",
@@ -34,7 +48,8 @@
      "matchManagers": ["github-actions"],
      "groupName": "CI dependencies",
      "groupSlug": "ci-deps",
-      "matchUpdateTypes": ["minor", "patch", "digest", "pin"]
+      "matchUpdateTypes": ["minor", "patch", "digest", "pin"],
+      "automerge": true
    },
    {
      "description": "Group lock file maintenance updates",
@@ -45,6 +60,44 @@
      "description": "Add specific labels for Expo and React Native dependencies",
      "matchPackagePatterns": ["expo", "react-native"],
      "addLabels": ["expo", "react-native"]
+    },
+    {
+      "description": "Group React and React-related packages",
+      "matchPackagePatterns": ["react", "react-native", "@types/react"],
+      "groupName": "React ecosystem",
+      "groupSlug": "react-ecosystem"
+    },
+    {
+      "description": "Group build and development tools",
+      "matchPackagePatterns": ["@babel/*", "husky", "lint-staged", "cross-env"],
+      "groupName": "Build tools",
+      "groupSlug": "build-tools"
+    },
+    {
+      "description": "Handle major updates more carefully",
+      "matchUpdateTypes": ["major"],
+      "dependencyDashboardApproval": true,
+      "schedule": ["on the first day of the month"]
+    },
+    {
+      "description": "Security updates should be prioritized",
+      "matchDatasources": ["npm"],
+      "matchUpdateTypes": ["patch"],
+      "matchPackagePatterns": ["*"],
+      "schedule": ["at any time"],
+      "automerge": true
+    },
+    {
+      "description": "Group patch updates for stability",
+      "matchUpdateTypes": ["patch"],
+      "groupName": "Patch updates",
+      "groupSlug": "patch-updates",
+      "automerge": true
+    },
+    {
+      "description": "Separate dev dependencies from production",
+      "matchDepTypes": ["devDependencies"],
+      "addLabels": ["dev-dependencies"]
    }
  ]
 }