@JacksonFergusonDev
Owner

Description

This PR updates the Renovate configuration to reduce noise and ensure dependency stability while prioritizing security.

Changes

  • Monthly Schedule: Renovate will now run before 4am on the first day of the month for standard updates, rather than running hourly/daily.
  • Stability Period: Added a minimumReleaseAge of 2 weeks. Non-security updates will strictly wait until a release is 2 weeks old before a PR is created to allow for community testing and bug reporting.
  • Security Exceptions:
    • vulnerabilityAlerts are configured to run "at any time", bypassing the monthly schedule.
    • The 2-week stability wait is scoped specifically to standard update types (major, minor, patch, etc.) so that security remediation PRs are raised immediately without waiting.

Motivation

To reduce CI usage and context switching caused by frequent dependency updates, while maintaining a strong security posture.

- Set global schedule to run only on the first day of the month to reduce PR noise.
- Enforce a 2-week minimum release age for standard updates (major, minor, patch) to ensure stability.
- Configure vulnerability alerts to bypass scheduling and stability checks for immediate remediation.
@JacksonFergusonDev JacksonFergusonDev merged commit ac4097b into main Jan 24, 2026
2 checks passed
@JacksonFergusonDev JacksonFergusonDev deleted the renovate branch January 24, 2026 00:56
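
An added example, not the repository's renovate.json or any code from this PR: a small Python check that a Renovate config follows the policy in the description (batched schedule, release-age wait scoped to update types, vulnerability alerts exempt from both). The embedded config is constructed, `policy_findings` is a hypothetical helper, and scoping the wait through a `packageRules` entry with `matchUpdateTypes` is an assumption about how the PR implements it.

```python
import json

# Constructed sample config, not the repository's actual file.
# Assumption: the 2-week wait is scoped with packageRules + matchUpdateTypes.
SAMPLE = json.loads("""
{
  "schedule": ["before 4am on the first day of the month"],
  "packageRules": [
    {
      "matchUpdateTypes": ["major", "minor", "patch"],
      "minimumReleaseAge": "14 days"
    }
  ],
  "vulnerabilityAlerts": {
    "schedule": ["at any time"]
  }
}
""")


def policy_findings(cfg):
    """Return a list of deviations from the policy in the PR description."""
    findings = []
    if not cfg.get("schedule"):
        findings.append("no global schedule: standard updates are not batched")
    # A top-level wait is not limited to standard update types.
    if "minimumReleaseAge" in cfg:
        findings.append("minimumReleaseAge is global, not scoped to update types")
    scoped = [r for r in cfg.get("packageRules", [])
              if r.get("minimumReleaseAge") and r.get("matchUpdateTypes")]
    if not scoped:
        findings.append("no packageRule applies minimumReleaseAge by update type")
    alerts = cfg.get("vulnerabilityAlerts", {})
    if alerts.get("enabled") is False:
        findings.append("vulnerabilityAlerts is disabled")
    if "at any time" not in alerts.get("schedule", []):
        findings.append("vulnerabilityAlerts does not override the schedule")
    if alerts.get("minimumReleaseAge"):
        findings.append("vulnerabilityAlerts sets its own minimumReleaseAge")
    return findings


if __name__ == "__main__":
    for line in policy_findings(SAMPLE) or ["config matches the stated policy"]:
        print(line)
```

Run as a CI step against the parsed config file, this fails the build when a later edit moves the stability wait back to the top level or removes the security exception.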