renovatebot/.profile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initialized profile page

Browse Source
This commit is contained in:
Renovate Bot 2025-04-22 12:30:27 +00:00 committed by Gitea
parent e558c73f1e
commit 1240a8d7b5
Signed by: Gitea
GPG Key ID: CAAFB340702C1B49
1 changed files with 94 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
README.md
View File

@ -1,3 +1,95 @@
# .profile
# 🤖 Renovate Bot
Renovate Bot Profile Page
Welcome! This is the dedicated account that powers **Renovate Bot** on our selfhosted Gitea instance.
Its sole mission: keep our dependencies up to date, consistent, and secure—so you can focus on writing code rather than chasing version bumps.
---
## What Renovate Does
| 📦 | **Detects dependencies** in supported files (e.g. `package.json`, `pom.xml`, `Dockerfile`, `go.mod`, etc.) |
|----|-------------------------------------------------------------------------------------------------------------|
| 🔎 | **Checks upstream registries** for new releases, security patches, and licensing changes |
| 🛠 | **Opens pull requests** with version updates, changelogs, and automated release notes |
| 🚦 | **Groups or rebases PRs** to respect repository rules, semanticversioning, your schedule, and config |
---
## Typical Pull Request Anatomy
```
renovate/<package-name>-<new-version>
├─ 📄  commit: build(deps): update <package> to <new-version>
├─ 📝  PR body: changelogextract, release notes, breakingchange highlights
└─ 🔖  labels: dependencies • renovate • ❗ major (if semvermajor)
```
**Headsup:** The branch naming and commit convention above is standard but can be adjusted in repositorylevel config.
---
## Interacting With the Bot
| Action | How |
|--------|-----|
| **Merge or close** | Treat Renovate PRs like any other. Fastforward merges are preferred to keep history clean. |
| **Rerun a failed PR** | Comment `@renovate-bot rebase` or `@renovate-bot recreate` on the PR. |
| **Pause updates** | Add the label `renovateignore` **or** set `"enabled": false` in `renovate.json`. |
| **Schedule batches** | Define `schedule`: `"before 05:00 on monday"` etc. in your config. |
| **Group deps** | Use `"packageRules"` with a `groupName` key to bundle related packages. |
---
## QuickStart: PerRepo Config
Create a **`renovate.json`** at the repository root (or inherit from a preset)  for example:
```jsonc
{
"extends": ["config:base"],
"dependencyDashboard": true,
"schedule": ["before 06:00 on monday"],
"packageRules": [
{
"matchUpdateTypes": ["major"],
"automerge": false,
"labels": ["❗major"]
}
]
}
```
*Need more?* Consult the official docs: <https://docs.renovatebot.com/>.
---
## Security & Trust
* Runs in our private CI and never executes dependency code—only updates manifest files.
* Auth tokens are scoped to the minimal permissions required (read code, write PRs, no direct pushes to default branch).
* Changelogs are included so you can audit releases before merging.
---
## FAQs
* **Why so many PRs?**
Tune `schedule`, enable grouping, or raise thresholds in your `renovate.json`.
* **The update breaks my build.**
Close the PR and add a pin/range in your manifest, or configure Renovate to ignore that dependency version.
* **Can I opt-out completely?**
Yes—set `"enabled": false` in your repo config or ask the DevOps team to disable the repo.
---
## Maintainer & Support
* Primary contact: **DevOps / Platform Team** (`contact@morlana.net`)
* Emergency stop: remove Renovate from the repo permissions, then ping DevOps.
> **Happy automated upgrading!**
> Renovate Bot 🤖
```