Files
go-task/.github/renovate.json
Valentin Maerten e8f0a9ebb7 ci: group action digest updates with non-major dependencies
Digest and pinDigest updates are not covered by the group:allNonMajor
preset (which only matches minor/patch), so SHA-pinned actions like
goreleaser-action produced standalone PRs. Since these actions are
pinned to floating major tags, a digest update is always within-major
and safe to group. Reuse the preset's groupName/groupSlug so they merge
into the same weekly grouped PR.
2026-06-30 22:53:36 +02:00

43 lines
1.1 KiB
JSON

{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
"group:allNonMajor",
"schedule:weekly",
":semanticCommitTypeAll(chore)"
],
"addLabels":["area: dependencies"],
"osvVulnerabilityAlerts": true,
"postUpdateOptions": ["gomodTidy"],
"customManagers": [
{
"customType": "regex",
"managerFilePatterns": ["/^\\.github/workflows/.*\\.ya?ml$/"],
"matchStrings": [
"uses:\\s*golangci/golangci-lint-action@\\S+(?:\\s*#[^\\n]*)?\\s+with:\\s+version:\\s*(?<currentValue>v[\\d.]+)"
],
"datasourceTemplate": "github-releases",
"depNameTemplate": "golangci/golangci-lint"
}
],
"packageRules": [
{
"matchUpdateTypes": ["digest", "pinDigest"],
"groupName": "all non-major dependencies",
"groupSlug": "all-minor-patch"
},
{
"matchManagers": ["github-actions"],
"addLabels": ["area: github actions"]
},
{
"matchCategories": ["js", "node"],
"addLabels": ["lang: javascript"]
},
{
"matchCategories": ["golang"],
"addLabels": ["lang: go"]
}
]
}