diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 473ecc8..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,11 +0,0 @@ -version: 2 -updates: - - package-ecosystem: "nuget" - directory: "/src" - schedule: - interval: "weekly" - - - package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: "weekly" \ No newline at end of file diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..ffb87b7 --- /dev/null +++ b/renovate.json @@ -0,0 +1,47 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "platform": "github", + "labels": ["renovate"], + "extends": [ + "config:base", + ":rebaseStalePrs" + ], + "enabledManagers": [ + "nuget", + "github-actions" + ], + "stabilityDays": 3, + "prHourlyLimit": 0, + "prConcurrentLimit": 0, + "branchConcurrentLimit": 0, + "dependencyDashboard": false, + "gitAuthor": "Renovate Bot ", + "packageRules": [ + { + "matchManagers": ["nuget"], + "excludePackagePatterns": ["^Microsoft\\.Extensions\\.", "^System\\.", "^dotnet-sdk$"], + "groupName": "NuGet dependencies" + }, + { + "matchManagers": ["nuget"], + "matchPackagePatterns": ["^Microsoft\\.Extensions\\.", "^System\\."], + "groupName": "Ignored NuGet dependencies", + "description": "These packages are usually set to a user-defined minimal supported version such as 6.0.0 for .NET 6, and they are overriden by consuming applications", + "enabled": false + }, + { + "matchPackageNames": ["dotnet-sdk"], + "groupName": "Dotnet SDK", + "description": "Only update patch and minor for the dotnet SDK version within the global.json", + "extends": [":disableMajorUpdates"] + }, + { + "matchManagers": ["github-actions"], + "groupName": "GitHub actions dependencies" + } + ], + "vulnerabilityAlerts": { + "enabled": true, + "labels": ["security"] + } +} \ No newline at end of file