Streamlines dependency management by removing complex package rules and switching to best-practices preset.
Key improvements:
- Reduces configuration complexity from 86 to 46 lines
- Enables OSV vulnerability alerts and config migration
- Separates minor and patch updates for better control
- Updates schedule to weekdays instead of Monday-only
- Consolidates vulnerability handling into lock file maintenance section
Migrates from deprecated config:base to recommended preset and updates commit message configuration to use separate prefix and suffix properties instead of single commitMessage field.
Changes package matching from patterns to names for better specificity in security update rules.
Replaces the simple emoji prefix with a structured conventional commit format that includes dependency type and version information.
This improves commit message consistency and makes dependency updates more informative by clearly indicating the package name and target version.
Improves dependency management automation by enabling automerge for patches, minors, and CI dependencies while adding comprehensive package grouping rules.
Adds vulnerability alerts with immediate scheduling and configures minimum release age for stability. Groups related packages like React ecosystem and build tools for better organization.
Includes enhanced scheduling with weekly updates and monthly major version reviews requiring dashboard approval for safety.
