mirror of
https://github.com/astral-sh/uv.git
synced 2025-07-07 13:25:00 +00:00
53c2551fac
## Summary Restore API-compatibility with pre-1.1.0 versions of the `zip` crate, and pin the dependency to the 0.6 series, due to concerns discussed in https://github.com/astral-sh/uv/issues/3642. ## Test Plan ``` cargo run -p uv-dev -- fetch-python cargo test ```
68 lines
2.2 KiB
Text
68 lines
2.2 KiB
Text
{
|
|
$schema: "https://docs.renovatebot.com/renovate-schema.json",
|
|
dependencyDashboard: true,
|
|
suppressNotifications: ["prEditedNotification"],
|
|
extends: ["config:recommended"],
|
|
labels: ["internal"],
|
|
schedule: ["before 4am on Monday"],
|
|
semanticCommits: "disabled",
|
|
separateMajorMinor: false,
|
|
prHourlyLimit: 10,
|
|
enabledManagers: ["github-actions", "pre-commit", "cargo"],
|
|
cargo: {
|
|
// See https://docs.renovatebot.com/configuration-options/#rangestrategy
|
|
rangeStrategy: "update-lockfile",
|
|
fileMatch: ["^crates/.*Cargo\\.toml$"],
|
|
},
|
|
"pre-commit": {
|
|
enabled: true,
|
|
},
|
|
packageRules: [
|
|
{
|
|
// Disable updates of `zip-rs`; intentionally pinned for now due to ownership change
|
|
// See: https://github.com/astral-sh/uv/issues/3642
|
|
matchPackagePatterns: ["zip"],
|
|
matchManagers: ["cargo"],
|
|
enabled: false,
|
|
},
|
|
{
|
|
// Group upload/download artifact updates, the versions are dependent
|
|
groupName: "Artifact GitHub Actions dependencies",
|
|
matchManagers: ["github-actions"],
|
|
matchDatasources: ["gitea-tags", "github-tags"],
|
|
matchPackagePatterns: ["actions/.*-artifact"],
|
|
description: "Weekly update of artifact-related GitHub Actions dependencies",
|
|
},
|
|
{
|
|
// This package rule disables updates for GitHub runners:
|
|
// we'd only pin them to a specific version
|
|
// if there was a deliberate reason to do so
|
|
groupName: "GitHub runners",
|
|
matchManagers: ["github-actions"],
|
|
matchDatasources: ["github-runners"],
|
|
description: "Disable PRs updating GitHub runners (e.g. 'runs-on: macos-14')",
|
|
enabled: false,
|
|
},
|
|
{
|
|
groupName: "pre-commit dependencies",
|
|
matchManagers: ["pre-commit"],
|
|
description: "Weekly update of pre-commit dependencies",
|
|
},
|
|
{
|
|
groupName: "Rust dev-dependencies",
|
|
matchManagers: ["cargo"],
|
|
matchDepTypes: ["devDependencies"],
|
|
description: "Weekly update of Rust development dependencies",
|
|
},
|
|
{
|
|
groupName: "pyo3",
|
|
matchManagers: ["cargo"],
|
|
matchPackagePatterns: ["pyo3"],
|
|
description: "Weekly update of pyo3 dependencies",
|
|
},
|
|
],
|
|
vulnerabilityAlerts: {
|
|
commitMessageSuffix: "",
|
|
labels: ["internal", "security"],
|
|
},
|
|
}
|