Skip to content

chore: Configure Renovate#2

Open
mm-renovate-bot[bot] wants to merge 1 commit intomainfrom
renovate/configure
Open

chore: Configure Renovate#2
mm-renovate-bot[bot] wants to merge 1 commit intomainfrom
renovate/configure

Conversation

@mm-renovate-bot
Copy link

@mm-renovate-bot mm-renovate-bot bot commented Mar 16, 2026
edited
Loading

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

  • pyproject.toml (poetry)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Enable Renovate Dependency Dashboard creation.
  • Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
  • Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
  • Group known monorepo packages together.
  • Use curated list of recommended non-monorepo package groupings.
  • Show only the Age and Confidence Merge Confidence badges for pull requests.
  • Apply crowd-sourced package replacement rules.
  • Apply crowd-sourced workarounds for known problems with packages.
  • Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
  • Correctly link to the source code for golang.org/x packages
  • Link to pkg.go.dev/... for golang.org/x packages' title
  • Pin Docker digests.
  • Pin github-action digests.
  • Enable Renovate configuration migration PRs when needed.
  • Pin dependency versions for development dependencies.
  • Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
  • Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
  • Run lock file maintenance (updates) early Monday mornings.
  • Show all Merge Confidence badges for pull requests.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 12 Pull Requests:

dev: Pin dependencies
  • Schedule: ["at any time"]
  • Branch name: renovate/pin-dependencies
  • Merge into: main
  • Pin faker to 15.3.4
  • Pin flake8 to 3.9.2
  • Pin isort to 5.11.1
  • Pin mypy to 0.910
  • Pin pydocstyle to 6.1.1
  • Pin pytest to 6.2.5
  • Pin tox to 3.25.1
  • Pin types-requests to 2.28.11.5
dev: Update dependency psycopg2-binary to v2.9.11
  • Schedule: ["at any time"]
  • Branch name: renovate/psycopg2-binary-2.x
  • Merge into: main
  • Upgrade psycopg2-binary to 2.9.11
dev: Update dependency mypy to ^0.991
  • Schedule: ["at any time"]
  • Branch name: renovate/mypy-0.x
  • Merge into: main
  • Upgrade mypy to ^0.991
dev: Update dependency requests to v2.32.5
  • Schedule: ["at any time"]
  • Branch name: renovate/requests-2.x-lockfile
  • Merge into: main
  • Upgrade requests to 2.32.5
dev: Update dependency singer-sdk to ^0.53.0
  • Schedule: ["at any time"]
  • Branch name: renovate/singer-sdk-0.x
  • Merge into: main
  • Upgrade singer-sdk to ^0.53.0
dev: Update dependency faker to v40
  • Schedule: ["at any time"]
  • Branch name: renovate/faker-40.x
  • Merge into: main
  • Upgrade faker to ^40.0.0
dev: Update dependency flake8 to v7
  • Schedule: ["at any time"]
  • Branch name: renovate/flake8-7.x
  • Merge into: main
  • Upgrade flake8 to ^7.0.0
dev: Update dependency isort to v8
  • Schedule: ["at any time"]
  • Branch name: renovate/isort-8.x
  • Merge into: main
  • Upgrade isort to ^8.0.0
dev: Update dependency mypy to v1
  • Schedule: ["at any time"]
  • Branch name: renovate/mypy-1.x
  • Merge into: main
  • Upgrade mypy to ^1.19
dev: Update dependency pytest to v9
  • Schedule: ["at any time"]
  • Branch name: renovate/pytest-9.x
  • Merge into: main
  • Upgrade pytest to ^9.0.0
dev: Update dependency tox to v4
  • Schedule: ["at any time"]
  • Branch name: renovate/tox-4.x
  • Merge into: main
  • Upgrade tox to ^4.0.0
dev: Lock file maintenance
  • Schedule: ["* 0-3 * * 1"]
  • Branch name: renovate/lock-file-maintenance
  • Merge into: main
  • Regenerate lock files to use latest dependency versions

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR has been generated by Renovate Bot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants