{ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:recommended", "default:automergeDigest", "default:automergeBranchPush", "helpers:pinGitHubActionDigests" ], "commitBody": "PR created by Renovate Bot.", "timezone": "Australia/Sydney", "vulnerabilityAlerts": { "groupName": "renovate-security", "schedule": ["before 11pm every day"], "dependencyDashboardApproval": false, "minimumReleaseAge": "1h", "rangeStrategy": "update-lockfile", "commitMessageSuffix": "[SECURITY]", "branchTopic": "{{{datasource}}}-{{{depName}}}-vulnerability", "prCreation": "immediate" }, "pinDigests": true, "ignoreTests": true, "postUpdateOptions": [ "gomodTidy" ], "pruneStaleBranches": true, "pruneBranchAfterAutomerge": true, "automerge": true, "automergeType": "pr", "automergeStrategy": "squash", "automergeSchedule": [ "at any time" ], "packageRules": [ { "matchManagers": ["gomod"], "matchDepTypes": ["indirect"], "enabled": true }, { "matchManagers": ["docker-compose"], "matchUpdateTypes": ["pin", "digest"], "enabled": false } ] }