diff --git a/.github/dependabot.yml b/.github/dependabot.yml index d8d2e098901..5db8a102626 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -8,22 +8,3 @@ updates: directory: "/" schedule: interval: "weekly" - - package-ecosystem: "npm" - directory: "/" - schedule: - interval: "daily" - ignore: - # ignore minor/patch updates for now - - dependency-name: "*" - update-types: ["version-update:semver-minor", "version-update:semver-patch"] - # things that will probably need some thinking - - dependency-name: "d3" - - dependency-name: "husky" - - dependency-name: "slate" - - dependency-name: "slate-plain-serializer" - - dependency-name: "systemjs" - - dependency-name: "ts-loader" # we should remove ts-loader and use babel-loader instead - - dependency-name: "ora" # we should bump this once we move to esm modules - reviewers: - - "grafana/frontend-ops" - versioning-strategy: "increase-if-necessary" diff --git a/.github/renovate.json5 b/.github/renovate.json5 new file mode 100644 index 00000000000..8886041e644 --- /dev/null +++ b/.github/renovate.json5 @@ -0,0 +1,32 @@ +{ + "extends": [ + "config:base" + ], + "enabledManagers": ["npm"], + "ignoreDeps": [ + "d3", + "husky", + "slate", + "slate-plain-serializer", + "systemjs", + "ts-loader", // we should remove ts-loader and use babel-loader instead + "ora" // we should bump this once we move to esm modules + ], + "ignorePaths": ["emails/**", "plugins-bundled/**", "**/mocks/**"], + "labels": ["area/frontend", "dependencies"], + "minor": { + "enabled": false + }, + "patch": { + "enabled": false + }, + "pin": { + "enabled": false + }, + "prConcurrentLimit": 10, + "reviewers": ["team:grafana/frontend-ops"], + "separateMajorMinor": false, + "vulnerabilityAlerts": { + "addLabels": ["area/security"] + } +}