Skip to content

Configure Renovate

Marc Schütze requested to merge renovate/configure into main

Welcome to Renovate! This is an onboarding MR to help you understand and configure settings before regular Merge Requests begin.

🚦 Renovate will begin keeping your dependencies up-to-date only once you merge or close this Merge Request.

Detected Package Files

  • Dockerfile.base (dockerfile)
  • pyproject.toml (poetry)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding MR is merged
  • Renovate configuration for ZKM GitLab instance
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Rebase existing MRs any time the base branch has been updated.
  • Raise MR when vulnerability alerts are detected with label 'security', replacing any existing list of MR labels.
  • Use curated list of recommended non-monorepo package groupings.
  • Enable Renovate configuration migration MRs when needed.
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Enable Renovate Dependency Dashboard creation.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Merge Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 13 Merge Requests:

[deps] major: black to 24.3.0
  • Branch name: renovate/pypi-black-vulnerability
  • Merge into: main
  • Upgrade black to ^24.0.0
[deps] patch: click to 8.3.1
  • Schedule: ["at any time"]
  • Branch name: renovate/click-8.x
  • Merge into: main
  • Upgrade click to ^8.3.1
[deps] patch: docker to 7.1.0
  • Schedule: ["at any time"]
  • Branch name: renovate/docker-7.x
  • Merge into: main
  • Upgrade docker to ^7.1.0
[deps] patch: mypy to 1.19.1
  • Schedule: ["at any time"]
  • Branch name: renovate/mypy-1.x
  • Merge into: main
  • Upgrade mypy to ^1.19.1
[deps] patch: pytest to 7.4.4
  • Schedule: ["at any time"]
  • Branch name: renovate/pytest-7.x
  • Merge into: main
  • Upgrade pytest to ^7.4.4
[deps] patch: pyyaml to 6.0.3
  • Schedule: ["at any time"]
  • Branch name: renovate/pyyaml-6.x
  • Merge into: main
  • Upgrade pyyaml to ^6.0.3
[deps] patch: rich to 13.9.4
  • Schedule: ["at any time"]
  • Branch name: renovate/rich-13.x
  • Merge into: main
  • Upgrade rich to ^13.9.4
[deps] patch: tomli to 2.3.0
  • Schedule: ["at any time"]
  • Branch name: renovate/tomli-2.x
  • Merge into: main
  • Upgrade tomli to ^2.3.0
[deps] minor: python to 3.14.2
  • Schedule: ["at any time"]
  • Branch name: renovate/python-3.x
  • Merge into: main
  • Upgrade python to ^3.14.2
[deps] minor: ruff to 0.14.10
  • Schedule: ["at any time"]
  • Branch name: renovate/ruff-0.x
  • Merge into: main
  • Upgrade ruff to ^0.14.10
[deps] major: pytest to 9.0.2
  • Schedule: ["at any time"]
  • Branch name: renovate/pytest-9.x
  • Merge into: main
  • Upgrade pytest to ^9.0.2
[deps] major: rich to 14.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/rich-14.x
  • Merge into: main
  • Upgrade rich to ^14.2.0
[deps] lockFileMaintenance: to
  • Schedule: ["before 6am on Monday"]
  • Branch name: renovate/lock-file-maintenance
  • Merge into: main
  • Regenerate lock files to use latest dependency versions

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.

This MR has been generated by Renovate Bot.

Merge request reports