Skip to content

Configure Renovate

gl-renovate requested to merge renovate/configure into main

Welcome to Renovate! This is an onboarding MR to help you understand and configure settings before regular Merge Requests begin.

🚦 To activate Renovate, merge this Merge Request. To disable Renovate, simply close this Merge Request unmerged.

Detected Package Files

  • .gitlab-ci.yml (gitlabci)
  • pom.xml (maven)
  • sonar-maven-backend/pom.xml (maven)
  • sonar-maven-frontend/pom.xml (maven)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding MR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration MRs when needed.
  • Pin dependency versions for devDependencies.
  • Raise MR when vulnerability alerts are detected with label 'security'.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Merge Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 2 Merge Requests:

Pin maven Docker tag to 5092873
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Upgrade maven to sha256:5092873778f0495464c1151df8f5c2e01a09ba37d931be719cbc1fc0f4559a07
Update maven Docker tag to v3.9.9
  • Schedule: ["at any time"]
  • Branch name: renovate/maven-3.x
  • Merge into: main
  • Upgrade maven to sha256:d4f3b77119ae1afcdf00276083416d58fd9c69929400cea3595eba8965b6ae6f

Warning

Please correct - or verify that you can safely ignore - these dependency lookup failures before you merge this MR.

  • Failed to look up maven package demo.sonar:sonar-maven

Files affected: sonar-maven-backend/pom.xml, sonar-maven-frontend/pom.xml

Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.

This MR has been generated by Renovate Bot.

Merge request reports