ci: add Renovate config and GitHub Actions quality workflow

Add automated dependency management with Renovate and comprehensive CI checks including formatting, clippy, audit, and frontend build validation.
2026-01-31 10:24:12 -06:00 · 2025-12-11 11:50:59 -06:00
parent 280f01bb28
commit 24c2c2b3c5
2 changed files with 146 additions and 0 deletions
@@ -0,0 +1,42 @@
+{
+	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
+	"extends": [
+		"config:recommended",
+		":dependencyDashboard",
+		":semanticCommits",
+		":automergeDigest",
+		":automergeMinor"
+	],
+	"schedule": ["before 5am on monday"],
+	"timezone": "America/Chicago",
+	"prConcurrentLimit": 3,
+	"prCreation": "not-pending",
+	"rebaseWhen": "behind-base-branch",
+	"semanticCommitScope": "deps",
+	"vulnerabilityAlerts": {
+		"labels": ["security"],
+		"automerge": true,
+		"schedule": ["at any time"]
+	},
+	"packageRules": [
+		{
+			"description": "Group all non-major dependency updates together",
+			"groupName": "all non-major dependencies",
+			"matchUpdateTypes": ["minor", "patch", "digest"],
+			"automerge": true,
+			"automergeType": "pr",
+			"minimumReleaseAge": "3 days"
+		},
+		{
+			"description": "Major updates get individual PRs for review",
+			"matchUpdateTypes": ["major"],
+			"automerge": false,
+			"minimumReleaseAge": "7 days"
+		}
+	],
+	"postUpdateOptions": ["pnpmDedupe"],
+	"lockFileMaintenance": {
+		"enabled": true,
+		"schedule": ["before 5am on monday"]
+	}
+}