From 9bc3598b95558543de76ff3afce12e12d449afe3 Mon Sep 17 00:00:00 2001
From: Alexis Coles <alexis.coles@lendable.co.uk>
Date: Fri, 21 Mar 2025 07:56:16 +0000
Subject: [PATCH] fix(DEVOPS-7808): ensure renovate configured in all repos
 using public actions # [DEVOPS-7808] ## Changes

due to incident https://lendable.slack.com/archives/C08HNKQ4F7G

We are moving all GitHub Action references to git sha1 rather than tags.

We will use renovote to achive this and therefore need to enable it in all repositories.

We also need to ensure that all renovate config extends from the [lendable base config](https://github.com/Lendable/renovate-config/blob/main/default.json)

This is so that we can control the delay before referencing the latest sha1 commits to give the comunity some time to pick up on any malitious commits.
---
 .github/renovate.json | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 .github/renovate.json

diff --git a/.github/renovate.json b/.github/renovate.json
new file mode 100644
index 00000000..99844160
--- /dev/null
+++ b/.github/renovate.json
@@ -0,0 +1,6 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": [
+    "local>Lendable/renovate-config"
+  ]
+}