From 1240a8d7b5ae383595fede5f4c8f69e54444b67e Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 22 Apr 2025 12:30:27 +0000 Subject: [PATCH] Initialized profile page --- README.md | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 94 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index c6fc43f..668c6d2 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,95 @@ -# .profile +# 🤖 Renovate Bot -Renovate Bot Profile Page \ No newline at end of file +Welcome! This is the dedicated account that powers **Renovate Bot** on our self‑hosted Gitea instance. +Its sole mission: keep our dependencies up to date, consistent, and secure—so you can focus on writing code rather than chasing version bumps. + +--- + +## What Renovate Does + +| 📦 | **Detects dependencies** in supported files (e.g. `package.json`, `pom.xml`, `Dockerfile`, `go.mod`, etc.) | +|----|-------------------------------------------------------------------------------------------------------------| +| 🔎 | **Checks upstream registries** for new releases, security patches, and licensing changes | +| 🛠 | **Opens pull requests** with version updates, changelogs, and automated release notes | +| 🚦 | **Groups or re‑bases PRs** to respect repository rules, semantic‑versioning, your schedule, and config | + +--- + +## Typical Pull Request Anatomy + +``` +renovate/- +│ +├─ 📄  commit: build(deps): update to +├─ 📝  PR body: changelog‑extract, release notes, breaking‑change highlights +└─ 🔖  labels: dependencies • renovate • ❗️ major (if semver‑major) +``` + +**Heads‑up:** The branch naming and commit convention above is standard but can be adjusted in repository‑level config. + +--- + +## Interacting With the Bot + +| Action | How | +|--------|-----| +| **Merge or close** | Treat Renovate PRs like any other. Fast‑forward merges are preferred to keep history clean. | +| **Re‑run a failed PR** | Comment `@renovate-bot rebase` or `@renovate-bot recreate` on the PR. | +| **Pause updates** | Add the label `renovate‑ignore` **or** set `"enabled": false` in `renovate.json`. | +| **Schedule batches** | Define `schedule`: `"before 05:00 on monday"` etc. in your config. | +| **Group deps** | Use `"packageRules"` with a `groupName` key to bundle related packages. | + +--- + +## Quick‑Start: Per‑Repo Config + +Create a **`renovate.json`** at the repository root (or inherit from a preset) – for example: + +```jsonc +{ + "extends": ["config:base"], + "dependencyDashboard": true, + "schedule": ["before 06:00 on monday"], + "packageRules": [ + { + "matchUpdateTypes": ["major"], + "automerge": false, + "labels": ["❗️major"] + } + ] +} +``` + +*Need more?* Consult the official docs: . + +--- + +## Security & Trust + +* Runs in our private CI and never executes dependency code—only updates manifest files. +* Auth tokens are scoped to the minimal permissions required (read code, write PRs, no direct pushes to default branch). +* Changelogs are included so you can audit releases before merging. + +--- + +## FAQs + +* **Why so many PRs?** + Tune `schedule`, enable grouping, or raise thresholds in your `renovate.json`. + +* **The update breaks my build.** + Close the PR and add a pin/range in your manifest, or configure Renovate to ignore that dependency version. + +* **Can I opt-out completely?** + Yes—set `"enabled": false` in your repo config or ask the DevOps team to disable the repo. + +--- + +## Maintainer & Support + +* Primary contact: **DevOps / Platform Team** (`contact@morlana.net`) +* Emergency stop: remove Renovate from the repo permissions, then ping DevOps. + +> **Happy automated upgrading!** +> – Renovate Bot 🤖 +```