configure automatic updates

marcoieni · marcoieni · commit 68b57ee87e1b · 2025-07-15T14:58:55.000+02:00
diff --git a/.github/renovate.json5 b/.github/renovate.json5
@@ -0,0 +1,29 @@
+{
+    $schema: "https://docs.renovatebot.com/renovate-schema.json",
+    extends: ["config:recommended", ":maintainLockFilesMonthly"],
+    automerge: true,
+    packageRules: [
+        {
+            matchCategories: ["javascript", "typescript"],
+            updateTypes: ["patch"],
+            // Disable patch updates for single dependencies because patches
+            // are updated periodically with lockfile maintainance.
+            enabled: false,
+        },
+        {
+          matchCategories: ["rust"],
+          updateTypes: ["patch"],
+          // Disable patch updates for single dependencies because patches
+          // are updated periodically with lockfile maintainance.
+          enabled: false,
+        },
+    ],
+    // Receive any update that fixes security vulnerabilities.
+    // We need this because we disabled "patch" updates for Rust.
+    // Note: You need to enable "Dependabot alerts" in "Code security" GitHub
+    // Settings to receive security updates.
+    // See https://docs.renovatebot.com/configuration-options/#vulnerabilityalerts
+    vulnerabilityAlerts: {
+        enabled: true,
+    },
+}
