chore: reduce renovate updates noise #750
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
intcreator
previously approved these changes
Oct 26, 2023
sheerlox
force-pushed
the
chore/reduce-renovate-noise
branch
from
6006b9e
to
0b2cba5
Compare
|
rebased branch against |
intcreator
approved these changes
Nov 3, 2023
|
@intcreator since I have no access to the repository settings, could you please go through the TODO to configure the new branch protection settings before we can merge this? 😄 |
|
done! |
ncb000gt
pushed a commit
that referenced
this pull request
Apr 8, 2024
## [3.1.7](v3.1.6...v3.1.7) (2024-04-08) ### 🛠 Builds * **deps:** update dependency [@types](https://github.com/types)/luxon to ~3.4.0 ([#831](#831)) ([7c31bae](7c31bae)) ### ⚙️ Continuous Integrations * **action:** prevent duplicate checks on Renovate PRs ([#784](#784)) ([6b56a36](6b56a36)) * **action:** update actions/setup-node digest to 60edb5d ([#821](#821)) ([f05b75e](f05b75e)) * **action:** update actions/upload-artifact action to v4 ([#856](#856)) ([46d6660](46d6660)) * **action:** update amannn/action-semantic-pull-request digest to e9fabac ([#849](#849)) ([d96457c](d96457c)) * **action:** update github/codeql-action action to v2.22.6 ([#783](#783)) [skip ci] ([687fd43](687fd43)) * **action:** update github/codeql-action action to v2.22.7 ([#787](#787)) ([a0204d8](a0204d8)) * **action:** update github/codeql-action action to v2.22.8 ([#797](#797)) ([323f48c](323f48c)) * **action:** update github/codeql-action action to v3 ([#817](#817)) ([69d2695](69d2695)) * **action:** update insurgent-lab/is-in-pr-action action to v0.1.4 ([#790](#790)) ([8e85b13](8e85b13)) * **action:** update insurgent-lab/is-in-pr-action action to v0.1.5 ([#798](#798)) ([76751d2](76751d2)) * **action:** update insurgent-lab/is-in-pr-action action to v0.2.0 ([#853](#853)) ([cc3fcbd](cc3fcbd)) * **action:** update marocchino/sticky-pull-request-comment digest to 331f8f5 ([#850](#850)) ([a477f08](a477f08)) * **action:** update step-security/harden-runner action to v2.6.1 ([#788](#788)) [skip ci] ([2e5ca52](2e5ca52)) * **action:** update step-security/harden-runner action to v2.7.0 ([#846](#846)) ([f1a8486](f1a8486)) * fix renovate skipping checks ([#796](#796)) ([3b00555](3b00555)) ### ♻️ Chores * **deps:** lock file maintenance ([38979af](38979af)) * **deps:** lock file maintenance ([dc5b205](dc5b205)) * **deps:** lock file maintenance ([77ddb73](77ddb73)) * **deps:** lock file maintenance ([03eea6c](03eea6c)) * **deps:** lock file maintenance ([94e8aac](94e8aac)) * **deps:** lock file maintenance ([142c2d1](142c2d1)) * **deps:** lock file maintenance ([c70bd32](c70bd32)) * **deps:** lock file maintenance ([e0931ca](e0931ca)) * **deps:** lock file maintenance ([effe686](effe686)) * **deps:** lock file maintenance ([#763](#763)) ([5d17388](5d17388)) * **deps:** lock file maintenance ([#771](#771)) ([cf3d5e8](cf3d5e8)) * **deps:** lock file maintenance ([#781](#781)) ([6a00c1e](6a00c1e)) * **deps:** lock file maintenance ([#793](#793)) ([bcbc778](bcbc778)) * **deps:** lock file maintenance ([#804](#804)) ([2e72c8f](2e72c8f)) * **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.4.3 ([8c8acf7](8c8acf7)) * **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.4.4 ([2572023](2572023)) * **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.6.0 ([22e8a0f](22e8a0f)) * **deps:** update dependency [@commitlint](https://github.com/commitlint)/cli to v18.6.1 ([e34c9d1](e34c9d1)) * **deps:** update dependency [@fast-check](https://github.com/fast-check)/jest to v1.8.0 ([689eea4](689eea4)) * **deps:** update dependency [@fast-check](https://github.com/fast-check)/jest to v1.8.1 ([a6a120c](a6a120c)) * **deps:** update dependency [@insurgent](https://github.com/insurgent)/conventional-changelog-preset to v9.0.1 ([39ae9c1](39ae9c1)) * **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/github to v9.2.4 ([be59173](be59173)) * **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/github to v9.2.6 ([4c994df](4c994df)) * **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/npm to v11.0.1 ([#770](#770)) ([72f9dea](72f9dea)) * **deps:** update dependency [@semantic-release](https://github.com/semantic-release)/npm to v11.0.3 ([d62bc05](d62bc05)) * **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.11 ([8fe499f](8fe499f)) * **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.12 ([621f556](621f556)) * **deps:** update dependency [@types](https://github.com/types)/jest to v29.5.7 ([#765](#765)) [skip ci] ([3b9b43d](3b9b43d)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.10.0 ([3111ecd](3111ecd)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.10.4 ([b0853e7](b0853e7)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.10.5 ([35ee733](35ee733)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.10.7 ([603fdfa](603fdfa)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.0 ([a1a38fe](a1a38fe)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.13 ([c42b5e9](c42b5e9)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.17 ([f37f31c](f37f31c)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.19 ([c3bdd6d](c3bdd6d)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.24 ([fb4a087](fb4a087)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.25 ([4b22794](4b22794)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.26 ([166563d](166563d)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.27 ([8c14927](8c14927)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.28 ([bf7efeb](bf7efeb)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.30 ([ed26da9](ed26da9)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.5 ([8838ae5](8838ae5)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.11.8 ([006f6fc](006f6fc)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.12.2 ([f6bf108](f6bf108)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.12.3 ([30648f8](30648f8)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.12.4 ([7d5cf86](7d5cf86)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.8.10 ([#768](#768)) [skip ci] ([6a91b78](6a91b78)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.9.0 ([6d972d5](6d972d5)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.9.1 ([1817d85](1817d85)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.9.2 ([a9fb08b](a9fb08b)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.9.4 ([05124bb](05124bb)) * **deps:** update dependency [@types](https://github.com/types)/node to v20.9.5 ([a32ba3d](a32ba3d)) * **deps:** update dependency [@types](https://github.com/types)/sinon to v17 ([#774](#774)) [skip ci] ([6ab97db](6ab97db)) * **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.11.0 ([d41dfa3](d41dfa3)) * **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.12.0 ([bd2e981](bd2e981)) * **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.13.1 ([#806](#806)) ([d696565](d696565)) * **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.13.2 ([d614393](d614393)) * **deps:** update dependency [@typescript-eslint](https://github.com/typescript-eslint)/eslint-plugin to v6.9.1 ([#766](#766)) [skip ci] ([4d2bfe6](4d2bfe6)) * **deps:** update dependency chai to v4.4.1 ([cd26e74](cd26e74)) * **deps:** update dependency eslint to v8.53.0 ([#773](#773)) [skip ci] ([8dea8d7](8dea8d7)) * **deps:** update dependency eslint to v8.54.0 ([ef4a99c](ef4a99c)) * **deps:** update dependency eslint to v8.55.0 ([f5578ac](f5578ac)) * **deps:** update dependency eslint-config-prettier to v9.1.0 ([ba1df8b](ba1df8b)) * **deps:** update dependency eslint-plugin-jest to v27.6.0 ([#762](#762)) ([615b06f](615b06f)) * **deps:** update dependency eslint-plugin-jest to v27.8.0 ([ca9c72d](ca9c72d)) * **deps:** update dependency prettier to v3.1.1 ([f31bd3b](f31bd3b)) * **deps:** update dependency semantic-release to v22.0.6 ([#767](#767)) [skip ci] ([230291a](230291a)) * **deps:** update dependency semantic-release to v22.0.9 ([ac87eba](ac87eba)) * **deps:** update dependency sinon to v17.0.1 ([#769](#769)) [skip ci] ([bf2bdfb](bf2bdfb)) * **deps:** update dependency ts-jest to v29.1.2 ([6f8af23](6f8af23)) * **deps:** update dependency typescript to v5.3.2 ([#802](#802)) ([0f541a4](0f541a4)) * **deps:** update dependency typescript to v5.3.3 ([4f470c6](4f470c6)) * **deps:** update dependency typescript to v5.4.2 ([98dfa32](98dfa32)) * **deps:** update dependency typescript to v5.4.3 ([412c453](412c453)) * **deps:** update dependency typescript to v5.4.4 ([6b172b1](6b172b1)) * **deps:** update linters ([2c2fe1b](2c2fe1b)) * **deps:** update linters ([66a470a](66a470a)) * **deps:** update linters ([3010a70](3010a70)) * **deps:** update linters ([f8609df](f8609df)) * **deps:** update linters ([8937be5](8937be5)) * **deps:** update linters ([834e0f4](834e0f4)) * **deps:** update linters ([fe0d705](fe0d705)) * **deps:** update linters ([767ad39](767ad39)) * **deps:** update semantic-release related packages ([38096a9](38096a9)) * **deps:** update semantic-release related packages ([a5cd89d](a5cd89d)) * **deps:** update semantic-release related packages ([#772](#772)) [skip ci] ([4a654a7](4a654a7)) * **deps:** update semantic-release related packages ([#777](#777)) ([898254c](898254c)) * **deps:** update tests ([eb417b6](eb417b6)) * **deps:** update tests ([0cdd4a3](0cdd4a3)) * **deps:** update tests ([#800](#800)) ([ea1a22b](ea1a22b)) * reduce renovate updates noise ([#750](#750)) ([661722f](661722f)) * reflect insurgentlab scope update in config files ([#785](#785)) ([edf67d0](edf67d0))
|
🎉 This PR is included in version 3.1.7 🎉 The release is available on: Your semantic-release bot 📦🚀 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
in order to reduce the noise Renovate generates, this PR introduces the following changes:
npm audit signaturesto "Test" & "Release" workflowsnpm run releasescript and use directlynpx semantic-releasein the "Release" workflowMotivation and Context
Renovate raises a lot of PRs, but most of them can be auto-merged if the tests are passing. this is already the current setup, but this PR pushes this further by configuring Renovate to not raise PRs if the update is configured for automerge.
I've been setting this up for the @insurgent-lab organization, and this PR is a reflection of the changes made there (see insurgent-lab/.github@a1dac39 and insurgent-lab/conventional-changelog-preset@e08b793).
TODO before merging
this new setup requires a different branch protection approach (to allow the Renovate bot to merge branches without going through the PR process), which is based on the new GitHub "Rulesets" feature:
test / required_checkcheckmain.since repository administrators are allowed to update the default branch (
main) in the "(bypass)" ruleset,semantic-releasewill still be able to do its job since it's using a GitHub PAT from Nick.side note: this TODO also prepares us to restrict the rights we give to
semantic-releasein the future. it currently isn't possible to runsemantic-releaseas a GitHub app, but I know from exchanging with one of the organization's maintainers that fixing the security concerns introduced by the need for a GitHub PAT is very important to them.