Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configure Renovate #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Configure Renovate #1

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Mar 8, 2021
edited
Loading

WhiteSource Renovate

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • package.json (npm)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Separate major versions of dependencies into individual branches/PRs
  • Do not separate patch and minor upgrades into separate PRs for the same dependency
  • Upgrade to unstable versions only if the existing version is unstable
  • Raise PRs immediately (after branch is created)
  • If semantic commits detected, use semantic commit type fix for dependencies and chore for all others
  • Keep existing branches updated even when not scheduled
  • Disable automerging feature - wait for humans to merge all PRs
  • Ignore node_modules, bower_components, vendor and various test/tests directories
  • Autodetect whether to pin dependencies or maintain ranges
  • Rate limit PR creation to a maximum of two per hour
  • Limit to maximum 20 open PRs at any time
  • Group known monorepo packages together
  • Use curated list of recommended non-monorepo package groupings
  • Ignore spring cloud 1.x releases
  • Ignore http4s digest-based 1.x milestones
  • Use node versioning for @types/node
  • Limit concurrent requests to reduce load on Repology servers until we can fix this properly, see issue 10133

🔡 Would you like to change the way Renovate is upgrading your dependencies? Simply edit the renovate.json in this branch with your custom config and the list of Pull Requests in the "What to Expect" section below will be updated the next time Renovate runs.

What to Expect

With your current configuration, Renovate will create 29 Pull Requests:

Update dependency acorn to 5.7.4 [SECURITY]
  • Branch name: renovate/npm-acorn-vulnerability
  • Merge into: master
  • Upgrade acorn to 5.7.4
Update dependency dns-packet to 1.3.2 [SECURITY]
  • Branch name: renovate/npm-dns-packet-vulnerability
  • Merge into: master
  • Upgrade dns-packet to 1.3.2
Update dependency elliptic to 6.5.4 [SECURITY]
  • Branch name: renovate/npm-elliptic-vulnerability
  • Merge into: master
  • Upgrade elliptic to 6.5.4
Update dependency glob-parent to 5.1.2 [SECURITY]
  • Branch name: renovate/npm-glob-parent-vulnerability
  • Merge into: master
  • Upgrade glob-parent to 5.1.2
Update dependency http-proxy to 1.18.1 [SECURITY]
  • Branch name: renovate/npm-http-proxy-vulnerability
  • Merge into: master
  • Upgrade http-proxy to 1.18.1
Update dependency kind-of to 6.0.3 [SECURITY]
  • Branch name: renovate/npm-kind-of-vulnerability
  • Merge into: master
  • Upgrade kind-of to 6.0.3
Update dependency lodash to 4.17.21 [SECURITY]
  • Branch name: renovate/npm-lodash-vulnerability
  • Merge into: master
  • Upgrade lodash to 4.17.21
Update dependency minimist to 0.2.1 [SECURITY]
  • Branch name: renovate/npm-minimist-vulnerability
  • Merge into: master
  • Upgrade minimist to 0.2.1
Update dependency mixin-deep to 1.3.2 [SECURITY]
  • Branch name: renovate/npm-mixin-deep-vulnerability
  • Merge into: master
  • Upgrade mixin-deep to 1.3.2
Update dependency node-forge to 0.10.0 [SECURITY]
  • Branch name: renovate/npm-node-forge-vulnerability
  • Merge into: master
  • Upgrade node-forge to 0.10.0
Update dependency path-parse to 1.0.7 [SECURITY]
  • Branch name: renovate/npm-path-parse-vulnerability
  • Merge into: master
  • Upgrade path-parse to 1.0.7
Update dependency serialize-javascript to 3.1.0 [SECURITY]
  • Branch name: renovate/npm-serialize-javascript-vulnerability
  • Merge into: master
  • Upgrade serialize-javascript to 3.1.0
Update dependency set-value to 2.0.1 [SECURITY]
  • Branch name: renovate/npm-set-value-vulnerability
  • Merge into: master
  • Upgrade set-value to 2.0.1
Update dependency sockjs to 0.3.20 [SECURITY]
  • Branch name: renovate/npm-sockjs-vulnerability
  • Merge into: master
  • Upgrade sockjs to 0.3.20
Update dependency ssri to 6.0.2 [SECURITY]
  • Branch name: renovate/npm-ssri-vulnerability
  • Merge into: master
  • Upgrade ssri to 6.0.2
Update dependency url-parse to 1.5.0 [SECURITY]
  • Branch name: renovate/npm-url-parse-vulnerability
  • Merge into: master
  • Upgrade url-parse to 1.5.0
Update dependency webpack-dev-server to 3.1.11 [SECURITY]
  • Branch name: renovate/npm-webpack-dev-server-vulnerability
  • Merge into: master
  • Upgrade webpack-dev-server to 3.1.11
Update dependency websocket-extensions to 0.1.4 [SECURITY]
  • Branch name: renovate/npm-websocket-extensions-vulnerability
  • Merge into: master
  • Upgrade websocket-extensions to 0.1.4
Update dependency y18n to 4.0.1 [SECURITY]
  • Branch name: renovate/npm-y18n-vulnerability
  • Merge into: master
  • Upgrade y18n to 4.0.1
Update dependency yargs-parser to 13.1.2 [SECURITY]
  • Branch name: renovate/npm-yargs-parser-vulnerability
  • Merge into: master
  • Upgrade yargs-parser to 13.1.2
Pin dependencies
Update dependency flow-bin to ^0.158.0
  • Schedule: ["at any time"]
  • Branch name: renovate/flow-bin-0.x
  • Merge into: master
  • Upgrade flow-bin to ^0.158.0
Update dependency webpack to v4.46.0
  • Schedule: ["at any time"]
  • Branch name: renovate/webpack-4.x
  • Merge into: master
  • Upgrade webpack to 4.46.0
Update dependency webpack-cli to v3.3.12
  • Schedule: ["at any time"]
  • Branch name: renovate/webpack-cli-3.x
  • Merge into: master
  • Upgrade webpack-cli to 3.3.12
Update dependency html-webpack-plugin to v5
  • Schedule: ["at any time"]
  • Branch name: renovate/html-webpack-plugin-5.x
  • Merge into: master
  • Upgrade html-webpack-plugin to 5.3.2
Update dependency prettier to v2
  • Schedule: ["at any time"]
  • Branch name: renovate/prettier-2.x
  • Merge into: master
  • Upgrade prettier to ^2.0.0
Update dependency typed-contracts to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/typed-contracts-3.x
  • Merge into: master
  • Upgrade typed-contracts to ^3.0.0
Update dependency webpack to v5
  • Schedule: ["at any time"]
  • Branch name: renovate/webpack-5.x
  • Merge into: master
  • Upgrade webpack to 5.51.1
Update dependency webpack-cli to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/webpack-cli-4.x
  • Merge into: master
  • Upgrade webpack-cli to 4.8.0

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or spam the project. See docs for prhourlylimit for details.

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by WhiteSource Renovate. View repository job log here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@renovate-bot