From 870b0b416129c424f64d2da3008bef3184fd3492 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Fri, 14 Oct 2022 08:02:11 -0400 Subject: [PATCH 1/8] Create renovate.json --- renovate.json | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..1b62b2c --- /dev/null +++ b/renovate.json @@ -0,0 +1,15 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + + "extends": [ + "config:base" + ], + + "enabledManagers": [ + "docker-compose", + "github-actions", + "pip_requirements", + "setup-cfg" + ] + +} From 36d725eaf3ae62e43c6759b13bc723ad2bafe4c2 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Fri, 14 Oct 2022 08:02:45 -0400 Subject: [PATCH 2/8] Create .bandit --- .bandit | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .bandit diff --git a/.bandit b/.bandit new file mode 100644 index 0000000..7cad8d5 --- /dev/null +++ b/.bandit @@ -0,0 +1,2 @@ +[bandit] +exclude: *venv*,*env*,*scratch* From 651fce287cfc87b68c4bfd9e197370518601211e Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Fri, 14 Oct 2022 08:04:24 -0400 Subject: [PATCH 3/8] Create lint-renovate.yml --- .github/workflows/lint-renovate.yml | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .github/workflows/lint-renovate.yml diff --git a/.github/workflows/lint-renovate.yml b/.github/workflows/lint-renovate.yml new file mode 100644 index 0000000..f1efa58 --- /dev/null +++ b/.github/workflows/lint-renovate.yml @@ -0,0 +1,19 @@ +on: + # Trigger the workflow on push or pull request, + # but only for the main branch + push: + branches: + - main + pull_request: + branches: + - main + +jobs: + renovate: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - name: 🧼 lint renovate config # Validates changes to renovate.json config file + uses: suzuki-shunsuke/github-action-renovate-config-validator@v0.1.2 + with: + config_file_path: 'renovate.json' From 6cc579dfe11ba6b2d6e0856755bd99f0d638abf9 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Fri, 14 Oct 2022 08:06:00 -0400 Subject: [PATCH 4/8] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 822429a..36cd806 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,11 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +# Unreleased + +## [0.1.1] - 2022-10-14 +- Renovate configuration and replaced dependabot per OSPO recommendations + ## [0.1.0] - 2021-10-22 Skeleton empty project. From cbb8a784aa422f68eed0b2d153e190f718713b80 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Fri, 14 Oct 2022 08:08:26 -0400 Subject: [PATCH 5/8] Update CHANGELOG.md --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 36cd806..ba67459 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,9 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -# Unreleased +## Unreleased ## [0.1.1] - 2022-10-14 + - Renovate configuration and replaced dependabot per OSPO recommendations ## [0.1.0] - 2021-10-22 From babd20338bb7147755ccf3a6f9ddc3524b4cdd72 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Tue, 18 Oct 2022 12:34:04 -0400 Subject: [PATCH 6/8] Update lint-renovate.yml --- .github/workflows/lint-renovate.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/lint-renovate.yml b/.github/workflows/lint-renovate.yml index f1efa58..3d35982 100644 --- a/.github/workflows/lint-renovate.yml +++ b/.github/workflows/lint-renovate.yml @@ -1,19 +1,19 @@ +name: Lint Renovate Config + on: # Trigger the workflow on push or pull request, # but only for the main branch + pull_request: {} push: - branches: - - main - pull_request: - branches: - - main + branches: ["main"] jobs: renovate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - name: 🧼 lint renovate config # Validates changes to renovate.json config file + - name: Check out code + uses: actions/checkout@v3 + - name: 🧼 Lint # Validates changes to renovate.json config file uses: suzuki-shunsuke/github-action-renovate-config-validator@v0.1.2 with: config_file_path: 'renovate.json' From 331cfe4d7ee94ab0a3f1eb383298f6063c8e5337 Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Tue, 18 Oct 2022 12:34:33 -0400 Subject: [PATCH 7/8] Update renovate.json --- renovate.json | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/renovate.json b/renovate.json index 1b62b2c..e9520fa 100644 --- a/renovate.json +++ b/renovate.json @@ -1,15 +1,17 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - + "labels": [ + "renovate/{{depName}}" + ], "extends": [ - "config:base" + "config:base", + "schedule:earlyMondays", + ":dependencyDashboard", + ":rebaseStalePrs" ], - - "enabledManagers": [ + "enabledManagers": [ "docker-compose", "github-actions", - "pip_requirements", - "setup-cfg" + "pip_requirements" ] - } From a31a193336c6144f0120c7c6a7ef0ab5c4faaa6e Mon Sep 17 00:00:00 2001 From: Jash Parekh Date: Tue, 18 Oct 2022 12:35:04 -0400 Subject: [PATCH 8/8] Update CHANGELOG.md --- CHANGELOG.md | 6 ------ 1 file changed, 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ba67459..822429a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,12 +5,6 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). -## Unreleased - -## [0.1.1] - 2022-10-14 - -- Renovate configuration and replaced dependabot per OSPO recommendations - ## [0.1.0] - 2021-10-22 Skeleton empty project.