{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
":dependencyDashboard",
":semanticCommits"
],
"rangeStrategy": "bump",
"platformAutomerge": true,
"lockFileMaintenance": {
"enabled": true,
"schedule": ["before 3am on monday"]
},
"prHourlyLimit": 4,
"prConcurrentLimit": 8,
"customManagers": [
{
"customType": "regex",
"fileMatch": ["^\\.github/workflows/.+\\.template$"],
"matchStrings": [
"uses:\\s*[\"']?(?<depName>[\\w./-]+)@(?<currentValue>[\\w./-]+)[\"']?"
],
"datasourceTemplate": "github-tags",
"description": "Pick up `uses:` action references inside .template workflow files (kata sources). Renovate's default github-actions manager only scans .yml/.yaml; .template is here so the source isn't auto-executed by GitHub Actions. Optional `[\"']?` wrappers around depName + currentValue accept bare, single-quoted, and double-quoted forms — all three are valid YAML for `uses:`."
}
],
"packageRules": [
{
"description": "Auto-merge patch / pin / digest bumps once CI passes",
"matchUpdateTypes": ["patch", "pin", "digest"],
"automerge": true
},
{
"description": "Group all GitHub Actions updates into one PR (covers both the built-in github-actions manager and the regex customManager that scans .template files). matchDatasources scopes this to github-tags so future customManagers for non-actions deps don't accidentally land in the github-actions group.",
"matchManagers": ["github-actions", "regex"],
"matchDatasources": ["github-tags"],
"groupName": "github-actions"
},
{
"description": "These workflow files are kata-managed (sourced from yukimemi/pj-rust* templates). Action bumps happen centrally there; local edits would be reverted by the next `kata apply`.",
"matchManagers": ["github-actions"],
"matchFileNames": [
".github/workflows/ci.yml",
".github/workflows/release.yml"
],
"enabled": false
}
]
}