mirror of https://github.com/astral-sh/ruff
Instruct Renovate to pin GitHub Actions based on SHA (#16789)
## Summary The intent here is that all actions should be pinned to an immutable SHA (but that Renovate should annotate each SHA with the corresponding SemVer version). See https://github.com/astral-sh/uv/pull/12189 ## Test plan ``` npx --yes --package renovate -- renovate-config-validator npm warn deprecated inflight@1.0.6: This module is not supported, and leaks memory. Do not use it. Check out lru-cache if you want a good and tested way to coalesce async requests by a key value, which is much more comprehensive and powerful. npm warn deprecated rimraf@2.4.5: Rimraf versions prior to v4 are no longer supported npm warn deprecated boolean@3.2.0: Package no longer supported. Contact Support at https://www.npmjs.com/support for more info. npm warn deprecated glob@6.0.4: Glob versions prior to v9 are no longer supported INFO: Validating .github/renovate.json5 INFO: Config validated successfully ```
This commit is contained in:
Micha Reiser
GitHub
parent
01f3ef4e4f
commit
3768f9cb52
|
|
@ -40,6 +40,17 @@
|
||||||
enabled: true,
|
enabled: true,
|
||||||
},
|
},
|
||||||
packageRules: [
|
packageRules: [
|
||||||
|
// Pin GitHub Actions to immutable SHAs.
|
||||||
|
{
|
||||||
|
matchDepTypes: ["action"],
|
||||||
|
pinDigests: true,
|
||||||
|
},
|
||||||
|
// Annotate GitHub Actions SHAs with a SemVer version.
|
||||||
|
{
|
||||||
|
extends: ["helpers:pinGitHubActionDigests"],
|
||||||
|
extractVersion: "^(?<version>v?\\d+\\.\\d+\\.\\d+)$",
|
||||||
|
versioning: "regex:^v?(?<major>\\d+)(\\.(?<minor>\\d+)\\.(?<patch>\\d+))?$",
|
||||||
|
},
|
||||||
{
|
{
|
||||||
// Group upload/download artifact updates, the versions are dependent
|
// Group upload/download artifact updates, the versions are dependent
|
||||||
groupName: "Artifact GitHub Actions dependencies",
|
groupName: "Artifact GitHub Actions dependencies",
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue