From b6da70cb0fadfe3092c02ed0852e84dfa2926d54 Mon Sep 17 00:00:00 2001 From: Franck Nijhof Date: Sun, 26 Mar 2023 10:24:55 +0200 Subject: [PATCH 1/2] Add Renovate for dependency management --- .github/dependabot.yaml | 13 ------------- .github/renovate.json | 30 ++++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 13 deletions(-) delete mode 100644 .github/dependabot.yaml create mode 100644 .github/renovate.json diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml deleted file mode 100644 index 822f97f..0000000 --- a/.github/dependabot.yaml +++ /dev/null @@ -1,13 +0,0 @@ ---- -version: 2 -updates: - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: daily - time: "06:00" - - package-ecosystem: "pip" - directory: "/src" - schedule: - interval: "daily" - time: "06:00" diff --git a/.github/renovate.json b/.github/renovate.json new file mode 100644 index 0000000..51ee66b --- /dev/null +++ b/.github/renovate.json @@ -0,0 +1,30 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "rebaseWhen": "behind-base-branch", + "dependencyDashboard": true, + "labels": ["dependencies", "no-stale"], + "commitMessagePrefix": "⬆️", + "commitMessageTopic": "{{depName}}", + "packageRules": [ + { + "matchManagers": ["github-actions"], + "addLabels": ["github_actions"], + "rangeStrategy": "pin" + }, + { + "matchManagers": ["github-actions"], + "matchUpdateTypes": ["minor", "patch"], + "automerge": true + }, + { + "matchManagers": ["pip_requirements"], + "addLabels": ["python"], + "rangeStrategy": "pin" + }, + { + "matchManagers": ["pip_requirements"], + "matchUpdateTypes": ["minor", "patch"], + "automerge": true + } + ] +} From 339b5309f6af50f48b1f1cf1770b57edfbb4723b Mon Sep 17 00:00:00 2001 From: Franck Nijhof Date: Sun, 26 Mar 2023 10:27:08 +0200 Subject: [PATCH 2/2] Strictly pin --- .github/workflows/additional-tags.yaml | 2 +- .github/workflows/labels.yaml | 2 +- .github/workflows/lint.yaml | 6 +++--- .github/workflows/stale.yaml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/additional-tags.yaml b/.github/workflows/additional-tags.yaml index 91509b0..c0a3e12 100644 --- a/.github/workflows/additional-tags.yaml +++ b/.github/workflows/additional-tags.yaml @@ -17,6 +17,6 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.0 - name: 🚀 Run Release Tracker uses: vweevers/additional-tags-action@v2.0.0 diff --git a/.github/workflows/labels.yaml b/.github/workflows/labels.yaml index aff675b..8d1cfa7 100644 --- a/.github/workflows/labels.yaml +++ b/.github/workflows/labels.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.0 - name: 🚀 Run Label Syncer uses: micnncim/action-label-syncer@v1.3.0 env: diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index f9d4907..81ad3ab 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.0 - name: 🚀 Run yamllint uses: frenck/action-yamllint@v1.4 @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.0 - name: 🚀 Run JQ run: | shopt -s globstar @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@v3 + uses: actions/checkout@v3.5.0 - name: 🚀 Run Prettier uses: creyD/prettier_action@v4.3 with: diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 61dc08f..ef7caae 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 🚀 Run stale - uses: actions/stale@v7 + uses: actions/stale@v7.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} days-before-stale: 30