Setup renovate for dist-workspace.toml

Add missing GitHub Actions version comments
2025-06-23 08:32:58 +02:00 · 2025-06-23 08:18:34 +02:00
3 changed files with 42 additions and 17 deletions
--- a/.github/renovate.json5
+++ b/.github/renovate.json5
@@ -16,7 +16,7 @@
  pep621: {
    // The default for this package manager is to only search for `pyproject.toml` files
    // found at the repository root: https://docs.renovatebot.com/modules/manager/pep621/#file-matching
-    fileMatch: ["^(python|scripts)/.*pyproject\\.toml$"],
+    managerFilePatterns: ["/^(python|scripts)/.*pyproject\\.toml$/"],
  },
  pip_requirements: {
    // The default for this package manager is to run on all requirements.txt files:
@@ -34,12 +34,32 @@
  npm: {
    // The default for this package manager is to only search for `package.json` files
    // found at the repository root: https://docs.renovatebot.com/modules/manager/npm/#file-matching
-    fileMatch: ["^playground/.*package\\.json$"],
+    managerFilePatterns: ["/^playground/.*package\\.json$/"],
  },
  customManagers: [
    {
      customType: "regex",
      managerFilePatterns: ["/^dist-workspace\\.toml$/"],
      matchStrings: [
        '"(?<depName>actions/[^"]+)" = "(?<currentDigest>[a-f0-9]{40})"\\s*#\\s*(?<currentValue>v[\\d\\.]+).*'
      ],
      datasourceTemplate: "github-tags",
      autoReplaceStringTemplate: '"{{depName}}" = "{{newDigest}}" # {{newValue}}"',
      extractVersionTemplate: "^(?<version>v[\\d\\.]+)$",
      versioningTemplate: "semver"
    }
  ],
  "pre-commit": {
    enabled: true,
  },
  packageRules: [
    // Ignore GitHub Actions in generated release.yml (managed by cargo-dist)
    {
      matchManagers: ["github-actions"],
      matchFileNames: [".github/workflows/release.yml"],
      enabled: false,
      description: "Ignore GitHub Actions in release.yml as it's generated by cargo-dist",
    },
    // Pin GitHub Actions to immutable SHAs.
    {
      matchDepTypes: ["action"],
@@ -106,6 +126,11 @@
      matchManagers: ["cargo"],
      matchPackageNames: ["strum"],
      description: "Weekly update of strum dependencies",
    },
    {
      groupName: "cargo-dist GitHub Actions",
      matchManagers: ["custom.regex"],
      description: "Weekly update of GitHub Actions dependencies managed by cargo-dist",
    }
  ],
  vulnerabilityAlerts: {
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -61,7 +61,7 @@ jobs:
    env:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
-      - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          persist-credentials: false
          submodules: recursive
@@ -69,9 +69,9 @@ jobs:
        # we specify bash to get pipefail; it guards against the `curl` command
        # failing. otherwise `sh` won't catch that `curl` returned non-0
        shell: bash
-        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/cargo-dist/releases/download/v0.28.5-prerelease.1/cargo-dist-installer.sh | sh"
+        run: "curl --proto '=https' --tlsv1.2 -LsSf https://github.com/astral-sh/cargo-dist/releases/download/v0.28.5-prerelease.3/cargo-dist-installer.sh | sh"
      - name: Cache dist
-        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
        with:
          name: cargo-dist-cache
          path: ~/.cargo/bin/dist
@@ -87,7 +87,7 @@ jobs:
          cat plan-dist-manifest.json
          echo "manifest=$(jq -c "." plan-dist-manifest.json)" >> "$GITHUB_OUTPUT"
      - name: "Upload dist-manifest.json"
-        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
        with:
          name: artifacts-plan-dist-manifest
          path: plan-dist-manifest.json
@@ -124,7 +124,7 @@ jobs:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
    steps:
-      - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          persist-credentials: false
          submodules: recursive
@@ -154,7 +154,7 @@ jobs:
          cp dist-manifest.json "$BUILD_MANIFEST_NAME"
      - name: "Upload artifacts"
-        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
        with:
          name: artifacts-build-global
          path: |
@@ -175,7 +175,7 @@ jobs:
    outputs:
      val: ${{ steps.host.outputs.manifest }}
    steps:
-      - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          persist-credentials: false
          submodules: recursive
@@ -201,7 +201,7 @@ jobs:
          cat dist-manifest.json
          echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
      - name: "Upload dist-manifest.json"
-        uses: actions/upload-artifact@6027e3dd177782cd8ab9af838c04fd81a07f1d47
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
        with:
          # Overwrite the previous copy
          name: artifacts-dist-manifest
@@ -251,7 +251,7 @@ jobs:
    env:
      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
-      - uses: actions/checkout@09d2acae674a48949e3602304ab46fd20ae0c42f
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
        with:
          persist-credentials: false
          submodules: recursive
--- a/dist-workspace.toml
+++ b/dist-workspace.toml
@@ -5,7 +5,7 @@ packages = ["ruff"]
 # Config for 'dist'
 [dist]
 # The preferred dist version to use in CI (Cargo.toml SemVer syntax)
-cargo-dist-version = "0.28.5-prerelease.1"
+cargo-dist-version = "0.28.5-prerelease.3"
 # Whether to consider the binaries in a package for distribution (defaults true)
 dist = false
 # CI backends to support
@@ -34,7 +34,7 @@ targets = [
    "x86_64-pc-windows-msvc",
    "i686-unknown-linux-gnu",
    "i686-unknown-linux-musl",
-    "i686-pc-windows-msvc"
+    "i686-pc-windows-msvc",
 ]
 # Whether to auto-include files like READMEs, LICENSEs, and CHANGELOGs (default true)
 auto-includes = false
@@ -56,7 +56,7 @@ publish-jobs = ["./publish-pypi", "./publish-wasm"]
 post-announce-jobs = [
    "./notify-dependents",
    "./publish-docs",
-    "./publish-playground"
+    "./publish-playground",
 ]
 # Custom permissions for GitHub Jobs
 github-custom-job-permissions = { "build-docker" = { packages = "write", contents = "read" }, "publish-wasm" = { contents = "read", id-token = "write", packages = "write" } }
@@ -69,7 +69,7 @@ install-path = ["$XDG_BIN_HOME/", "$XDG_DATA_HOME/../bin", "~/.local/bin"]
 global = "depot-ubuntu-latest-4"
 [dist.github-action-commits]
-"actions/checkout" = "09d2acae674a48949e3602304ab46fd20ae0c42f" # v4
+"actions/checkout" = "11bd71901bbe5b1630ceea73d27597364c9af683"                # v4.2.2"
-"actions/upload-artifact" = "6027e3dd177782cd8ab9af838c04fd81a07f1d47" # v4.6.2
+"actions/upload-artifact" = "ea165f8d65b6e75b540449e92b4886f43607fa02"         # v4.6.2
-"actions/download-artifact" = "d3f86a106a0bac45b974a628896c90dbdf5c8093" # v4.3.0
+"actions/download-artifact" = "d3f86a106a0bac45b974a628896c90dbdf5c8093"       # v4.3.0
 "actions/attest-build-provenance" = "c074443f1aee8d4aeeae555aebba3282517141b2" #v2.2.3
Author	SHA1	Message	Date
Micha Reiser	daa385c1a9	Setup renovate for dist-workspace.toml	2025-06-23 08:32:58 +02:00
Micha Reiser	01d9312529	Add missing GitHub Actions version comments	2025-06-23 08:18:34 +02:00