Merge pull request 'Enable renovate osv vulnerability alerts' (#2788) from viceice/forgejo:chore/renovate into forgejo

loading up the forgejo repo on tangled to test page performance

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2788
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>

Earl Warren 2 years ago b88bae5c 069b78b3

2 changed files

expand all

.forgejo

workflows

renovate.yml

renovate.json

.forgejo/workflows/renovate.yml

··· 30 30 with: 31 31 path: | 32 32 .tmp/cache/renovate/repository 33 + .tmp/osv 33 34 key: repo-cache-${{ github.run_id }} 34 35 restore-keys: | 35 36 repo-cache- ··· 51 52 GIT_COMMITTER_NAME: 'Renovate Bot' 52 53 GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org' 53 54 55 + OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv 56 + 54 57 - name: Save renovate repo cache 55 58 if: always() && env.RENOVATE_DRY_RUN != 'full' 56 59 uses: https://code.forgejo.org/actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 57 60 with: 58 61 path: | 59 62 .tmp/cache/renovate/repository 63 + .tmp/osv 60 64 key: repo-cache-${{ github.run_id }}

renovate.json

··· 19 19 "postUpdateOptions": ["gomodTidy", "gomodUpdateImportPaths", "npmDedupe"], 20 20 "prConcurrentLimit": 5, 21 21 "internalChecksFilter": "strict", 22 + "osvVulnerabilityAlerts": true, 22 23 "packageRules": [ 23 24 { 24 25 "description": "Require approval for go and python minor version",

Configure Feed

Configure Feed