Skip to content

chore: Configure Renovate - autoclosed

Perun-GitLab Service Account requested to merge renovate/configure into main

Welcome to Renovate! This is an onboarding MR to help you understand and configure settings before regular Merge Requests begin.

🚦 To activate Renovate, merge this Merge Request. To disable Renovate, simply close this Merge Request unmerged.

Detected Package Files

  • .gitlab-ci.yml (gitlabci)
  • .gitlab-ci.yml (gitlabci-include)
  • perun-oidc-server-webapp/pom.xml (maven)
  • perun-oidc-server/pom.xml (maven)
  • pom.xml (maven)
  • .mvn/wrapper/maven-wrapper.properties (maven-wrapper)
  • package.json (npm)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding MR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Require Dependency Dashboard approval for major updates.
  • Raise MR when vulnerability alerts are detected with label security.
  • Apply label dependencies to MRs.
  • Pin dependency versions for devDependencies.
  • Disable pinning of Docker dependency digests.
  • Use semantic prefixes for commit messages and MR titles.
  • Wait until the npm package is three days old before raising the update, this prevents npm unpublishing a package you already upgraded to.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Merge Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 32 Merge Requests:

fix(deps): update dependency ch.qos.logback:logback-classic to v1.4.12 [security]
fix(deps): update dependency ch.qos.logback:logback-core to v1.4.12 [security]
fix(deps): update dependency org.postgresql:postgresql to v42.6.1 [security]
  • Branch name: renovate/maven-org.postgresql-postgresql-vulnerability
  • Merge into: main
  • Upgrade org.postgresql:postgresql to 42.6.1
chore(deps): pin dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Pin @​perun/commitlint-config-perun to 1.0.0
  • Pin @​perun/semantic-release-perun-config to 1.0.1
  • Pin prettier to 3.2.4
chore(deps): update dependency maven to v3.9.6
  • Schedule: ["at any time"]
  • Branch name: renovate/maven-3.x
  • Merge into: main
  • Upgrade maven to 3.9.6
fix(deps): update dependency com.google.guava:guava to v32.1.3-jre
  • Schedule: ["at any time"]
  • Branch name: renovate/guava-monorepo
  • Merge into: main
  • Upgrade com.google.guava:guava to 32.1.3-jre
fix(deps): update dependency org.apache.directory.api:api-all to v2.1.6
fix(deps): update dependency org.aspectj:aspectjweaver to v1.9.21.1
  • Schedule: ["at any time"]
  • Branch name: renovate/aspectjweaver.version
  • Merge into: main
  • Upgrade org.aspectj:aspectjweaver to 1.9.21.1
fix(deps): update dependency org.glassfish.jaxb:jaxb-runtime to v2.3.9
fix(deps): update dependency org.projectlombok:lombok to v1.18.30
  • Schedule: ["at any time"]
  • Branch name: renovate/lombok.version
  • Merge into: main
  • Upgrade org.projectlombok:lombok to 1.18.30
fix(deps): update dependency org.slf4j:slf4j-api to v2.0.12
  • Schedule: ["at any time"]
  • Branch name: renovate/slf4j-monorepo
  • Merge into: main
  • Upgrade org.slf4j:slf4j-api to 2.0.12
fix(deps): update dependency org.springframework.security:spring-security-bom to v5.8.10
fix(deps): update dependency org.springframework:spring-framework-bom to v5.3.32
fix(deps): update eclipse-persistence.version to v2.7.14
chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.12.1
  • Schedule: ["at any time"]
  • Branch name: renovate/org.apache.maven.plugins-maven-compiler-plugin-3.x
  • Merge into: main
  • Upgrade org.apache.maven.plugins:maven-compiler-plugin to 3.12.1
chore(deps): update dependency org.mockito:mockito-core to v5.10.0
  • Schedule: ["at any time"]
  • Branch name: renovate/mockito-monorepo
  • Merge into: main
  • Upgrade org.mockito:mockito-core to 5.10.0
fix(deps): update dependency com.fasterxml.jackson.dataformat:jackson-dataformat-yaml to v2.16.1
fix(deps): update dependency com.mysql:mysql-connector-j to v8.3.0
fix(deps): update dependency com.nimbusds:nimbus-jose-jwt to v9.37.3
fix(deps): update dependency com.zaxxer:hikaricp to v5.1.0
  • Schedule: ["at any time"]
  • Branch name: renovate/hikari.version
  • Merge into: main
  • Upgrade com.zaxxer:HikariCP to 5.1.0
fix(deps): update dependency io.sentry:sentry-bom to v6.34.0
  • Schedule: ["at any time"]
  • Branch name: renovate/sentry.version
  • Merge into: main
  • Upgrade io.sentry:sentry-bom to 6.34.0
fix(deps): update dependency org.mariadb.jdbc:mariadb-java-client to v3.3.3
fix(deps): update shedlock monorepo to v4.46.0
chore(deps): update commitlint monorepo to v18 (major)
chore(deps): update dependency inquirer to v9
  • Schedule: ["at any time"]
  • Branch name: renovate/inquirer-9.x
  • Merge into: main
  • Upgrade inquirer to 9.2.15
fix(deps): update dependency com.google.guava:guava to v33
  • Schedule: ["at any time"]
  • Branch name: renovate/major-guava-monorepo
  • Merge into: main
  • Upgrade com.google.guava:guava to 33.0.0-jre
fix(deps): update dependency io.sentry:sentry-bom to v7
  • Schedule: ["at any time"]
  • Branch name: renovate/major-sentry.version
  • Merge into: main
  • Upgrade io.sentry:sentry-bom to 7.4.0
fix(deps): update dependency org.glassfish.jaxb:jaxb-runtime to v4
fix(deps): update dependency org.springframework.security:spring-security-bom to v6
fix(deps): update dependency org.springframework:spring-framework-bom to v6
fix(deps): update eclipse-persistence.version to v4 (major)
fix(deps): update shedlock monorepo to v5 (major)

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

Got questions? Check out Renovate's Docs, particularly the Getting Started section. If you need any further assistance then you can also request help here.

This MR has been generated by Renovate Bot.

Merge request reports