renovate 41.171.9 → 41.172.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -36,7 +36,7 @@ exports.presets = {
|
|
|
36
36
|
osvVulnerabilityAlerts: true,
|
|
37
37
|
},
|
|
38
38
|
minimumReleaseAgeNpm: {
|
|
39
|
-
description: 'Wait until the npm package is three days old before raising the update,
|
|
39
|
+
description: 'Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.',
|
|
40
40
|
npm: {
|
|
41
41
|
minimumReleaseAge: '3 days',
|
|
42
42
|
internalChecksFilter: 'strict',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security.js","sourceRoot":"","sources":["../../../../lib/config/presets/internal/security.ts"],"names":[],"mappings":";;;AAEa,QAAA,OAAO,GAA2B;IAC7C,mBAAmB,EAAE;QACnB,WAAW,EAAE,sCAAsC;QACnD,YAAY,EAAE;YACZ;gBACE,eAAe,EAAE,CAAC,uBAAuB,CAAC;gBAC1C,iBAAiB,EAAE;oBACjB,OAAO,EACL,2KAA2K;iBAC9K;gBACD,aAAa,EAAE;oBACb,SAAS;oBACT,MAAM;oBACN,QAAQ;oBACR,QAAQ;oBACR,SAAS;oBACT,SAAS;iBACV;aACF;SACF;KACF;IACD,uBAAuB,EAAE;QACvB,WAAW,EACT,iEAAiE;QACnE,OAAO,EAAE,CAAC,oBAAoB,CAAC;QAC/B,YAAY,EAAE;YACZ;gBACE,OAAO,EAAE,KAAK;gBACd,iBAAiB,EAAE,CAAC,GAAG,CAAC;aACzB;SACF;QACD,mBAAmB,EAAE;YACnB,OAAO,EAAE,IAAI;SACd;QACD,sBAAsB,EAAE,IAAI;KAC7B;IACD,oBAAoB,EAAE;QACpB,WAAW,EACT,
|
|
1
|
+
{"version":3,"file":"security.js","sourceRoot":"","sources":["../../../../lib/config/presets/internal/security.ts"],"names":[],"mappings":";;;AAEa,QAAA,OAAO,GAA2B;IAC7C,mBAAmB,EAAE;QACnB,WAAW,EAAE,sCAAsC;QACnD,YAAY,EAAE;YACZ;gBACE,eAAe,EAAE,CAAC,uBAAuB,CAAC;gBAC1C,iBAAiB,EAAE;oBACjB,OAAO,EACL,2KAA2K;iBAC9K;gBACD,aAAa,EAAE;oBACb,SAAS;oBACT,MAAM;oBACN,QAAQ;oBACR,QAAQ;oBACR,SAAS;oBACT,SAAS;iBACV;aACF;SACF;KACF;IACD,uBAAuB,EAAE;QACvB,WAAW,EACT,iEAAiE;QACnE,OAAO,EAAE,CAAC,oBAAoB,CAAC;QAC/B,YAAY,EAAE;YACZ;gBACE,OAAO,EAAE,KAAK;gBACd,iBAAiB,EAAE,CAAC,GAAG,CAAC;aACzB;SACF;QACD,mBAAmB,EAAE;YACnB,OAAO,EAAE,IAAI;SACd;QACD,sBAAsB,EAAE,IAAI;KAC7B;IACD,oBAAoB,EAAE;QACpB,WAAW,EACT,kUAAkU;QACpU,GAAG,EAAE;YACH,iBAAiB,EAAE,QAAQ;YAC3B,oBAAoB,EAAE,QAAQ;YAC9B,UAAU,EAAE,aAAa;SAC1B;KACF;CACF,CAAC","sourcesContent":["import type { Preset } from '../types';\n\nexport const presets: Record<string, Preset> = {\n 'openssf-scorecard': {\n description: 'Show OpenSSF badge on pull requests.',\n packageRules: [\n {\n matchSourceUrls: ['https://github.com/**'],\n prBodyDefinitions: {\n OpenSSF:\n '[](https://securityscorecards.dev/viewer/?uri=github.com/{{sourceRepo}})',\n },\n prBodyColumns: [\n 'Package',\n 'Type',\n 'Update',\n 'Change',\n 'Pending',\n 'OpenSSF',\n ],\n },\n ],\n },\n 'only-security-updates': {\n description:\n 'Only update dependencies if vulnerabilities have been detected.',\n extends: ['config:recommended'],\n packageRules: [\n {\n enabled: false,\n matchPackageNames: ['*'],\n },\n ],\n vulnerabilityAlerts: {\n enabled: true,\n },\n osvVulnerabilityAlerts: true,\n },\n minimumReleaseAgeNpm: {\n description:\n 'Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.',\n npm: {\n minimumReleaseAge: '3 days',\n internalChecksFilter: 'strict',\n prCreation: 'not-pending',\n },\n },\n};\n"]}
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "renovate",
|
|
3
3
|
"description": "Automated dependency updates. Flexible so you don't need to be.",
|
|
4
|
-
"version": "41.
|
|
4
|
+
"version": "41.172.0",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"bin": {
|
|
7
7
|
"renovate": "dist/renovate.js",
|
|
@@ -220,7 +220,7 @@
|
|
|
220
220
|
"@eslint/js": "9.37.0",
|
|
221
221
|
"@hyrious/marshal": "0.3.3",
|
|
222
222
|
"@ls-lint/ls-lint": "2.3.1",
|
|
223
|
-
"@openpgp/web-stream-tools": "0.2.
|
|
223
|
+
"@openpgp/web-stream-tools": "0.2.1",
|
|
224
224
|
"@semantic-release/exec": "7.1.0",
|
|
225
225
|
"@smithy/util-stream": "4.5.4",
|
|
226
226
|
"@types/auth-header": "1.0.6",
|
package/renovate-schema.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
|
-
"title": "JSON schema for Renovate 41.
|
|
2
|
+
"title": "JSON schema for Renovate 41.172.0 config files (https://renovatebot.com/)",
|
|
3
3
|
"$schema": "http://json-schema.org/draft-07/schema#",
|
|
4
|
-
"x-renovate-version": "41.
|
|
4
|
+
"x-renovate-version": "41.172.0",
|
|
5
5
|
"allowComments": true,
|
|
6
6
|
"type": "object",
|
|
7
7
|
"properties": {
|