Enable renovate osv vulnerability alerts
This commit is contained in:
parent
2810b9ae0a
commit
06725504a3
2 changed files with 5 additions and 0 deletions
|
@ -30,6 +30,7 @@ jobs:
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
.tmp/cache/renovate/repository
|
.tmp/cache/renovate/repository
|
||||||
|
.tmp/osv
|
||||||
key: repo-cache-${{ github.run_id }}
|
key: repo-cache-${{ github.run_id }}
|
||||||
restore-keys: |
|
restore-keys: |
|
||||||
repo-cache-
|
repo-cache-
|
||||||
|
@ -51,10 +52,13 @@ jobs:
|
||||||
GIT_COMMITTER_NAME: 'Renovate Bot'
|
GIT_COMMITTER_NAME: 'Renovate Bot'
|
||||||
GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org'
|
GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org'
|
||||||
|
|
||||||
|
OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv
|
||||||
|
|
||||||
- name: Save renovate repo cache
|
- name: Save renovate repo cache
|
||||||
if: always() && env.RENOVATE_DRY_RUN != 'full'
|
if: always() && env.RENOVATE_DRY_RUN != 'full'
|
||||||
uses: https://code.forgejo.org/actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
|
uses: https://code.forgejo.org/actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
|
||||||
with:
|
with:
|
||||||
path: |
|
path: |
|
||||||
.tmp/cache/renovate/repository
|
.tmp/cache/renovate/repository
|
||||||
|
.tmp/osv
|
||||||
key: repo-cache-${{ github.run_id }}
|
key: repo-cache-${{ github.run_id }}
|
||||||
|
|
|
@ -19,6 +19,7 @@
|
||||||
"postUpdateOptions": ["gomodTidy", "gomodUpdateImportPaths", "npmDedupe"],
|
"postUpdateOptions": ["gomodTidy", "gomodUpdateImportPaths", "npmDedupe"],
|
||||||
"prConcurrentLimit": 5,
|
"prConcurrentLimit": 5,
|
||||||
"internalChecksFilter": "strict",
|
"internalChecksFilter": "strict",
|
||||||
|
"osvVulnerabilityAlerts": true,
|
||||||
"packageRules": [
|
"packageRules": [
|
||||||
{
|
{
|
||||||
"description": "Require approval for go and python minor version",
|
"description": "Require approval for go and python minor version",
|
||||||
|
|
Loading…
Reference in a new issue