Piment Noir Git Repositories - e-mobility-charging-stations-simulator.git/commitdiff
ci(renovate): enforce 3-day minimum release age for npm packages
author Jérôme Benoit <jerome.benoit@sap.com>
Tue, 26 May 2026 17:40:45 +0000 (19:40 +0200)
committer Jérôme Benoit <jerome.benoit@sap.com>
Tue, 26 May 2026 17:40:45 +0000 (19:40 +0200)
Extend the Renovate config with the official 'security:minimumReleaseAgeNpm'
preset so that Renovate waits 3 days after publication before creating PRs
for any npm/pnpm dependency. This adds a buffer against unpublished or
freshly-broken releases (e.g. malicious packages, npm unpublish window,
transient registry/lockfile resolution issues).

renovate.json

index 04ee6bf63e1d3ae6bf3e5873e10394ca60fc6433..5f2d1bb1ae0ca67fcd020a04ff34279488586a78 100644 (file)
@@ -6,7 +6,8 @@
     ":configMigration",
     "group:allNonMajor",
     "schedule:daily",
-    ":maintainLockFilesWeekly"
+    ":maintainLockFilesWeekly",
+    "security:minimumReleaseAgeNpm"
   ],
   "ignorePresets": [":ignoreModulesAndTests"],
   "ignorePaths": [
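
Review bot: On the added `"security:minimumReleaseAgeNpm"` line, the 3-day delay named in the commit message lives only inside the preset, so nothing in renovate.json shows or fixes that value; consider stating the delay explicitly in the config so that a change to the preset's definition does not silently alter the buffer. Also confirm that the weekly lock file refresh enabled by `":maintainLockFilesWeekly"` on the line above is subject to the same delay, since it re-resolves transitive versions outside the per-dependency update PRs; if it is not, "any npm/pnpm dependency" in the commit message is broader than what this change enforces.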