Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• Dockerfile (dockerfile)
• Dockerfile.static (dockerfile)
• .github/workflows/1password.yml (github-actions)
• .github/workflows/build-binary-signed-ghat-malicious.yml (github-actions)
• .github/workflows/build-binary-signed-ghat.yml (github-actions)
• .github/workflows/build-binary-unsigned.yml (github-actions)
• .github/workflows/build-image-signed-cosign-malicious.yml (github-actions)
• .github/workflows/build-image-signed-cosign-static-copied.yml (github-actions)
• .github/workflows/build-image-signed-cosign-static.yml (github-actions)
• .github/workflows/build-image-signed-cosign.yml (github-actions)
• .github/workflows/build-image-signed-ghat-malicious.yml (github-actions)
• .github/workflows/build-image-signed-ghat-static-copied.yml (github-actions)
• .github/workflows/build-image-signed-ghat-static.yml (github-actions)
• .github/workflows/build-image-signed-ghat.yml (github-actions)
• .github/workflows/build-image-unsigned.yml (github-actions)
• go.mod (gomod)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 15 Pull Requests:

Update 1password/load-secrets-action digest to 971116b

• Schedule: ["at any time"]
• Branch name: renovate/1password-load-secrets-action-digest
• Merge into: main
• Upgrade 1password/load-secrets-action to 971116bbffed9bfe57bd55447317d56fbc7a6a81

Update actions/checkout digest to 8edcb1b

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-digest
• Merge into: main
• Upgrade actions/checkout to 8edcb1bdb4e267140fa742c62e395cd74f332709

Update docker/build-push-action digest to 55146d9

• Schedule: ["at any time"]
• Branch name: renovate/docker-build-push-action-digest
• Merge into: main
• Upgrade docker/build-push-action to 55146d969b0dff1a5c12630229609757af5b1081

Update docker/login-action digest to 184bdaa

• Schedule: ["at any time"]
• Branch name: renovate/docker-login-action-digest
• Merge into: main
• Upgrade docker/login-action to 184bdaa0721073962dff0199f1fb9940f07167d1

Update docker/metadata-action digest to c1e5197

• Schedule: ["at any time"]
• Branch name: renovate/docker-metadata-action-digest
• Merge into: main
• Upgrade docker/metadata-action to c1e51972afc2121e065aed6d45c65596fe445f3f

Update docker/setup-buildx-action digest to 774224a

• Schedule: ["at any time"]
• Branch name: renovate/docker-setup-buildx-action-digest
• Merge into: main
• Upgrade docker/setup-buildx-action to 774224adf69ca8de2e87f0afc9ef26b0e4dc8072

Update golang:1.21.6 Docker digest to 7b575fe

• Schedule: ["at any time"]
• Branch name: renovate/golang-1.21.6
• Merge into: main
• Upgrade golang to sha256:7b575fe0d9c2e01553b04d9de8ffea6d35ca3ab3380d2a8db2acc8f0f1519a53

Update actions/attest-build-provenance action to v1.4.4

• Schedule: ["at any time"]
• Branch name: renovate/actions-attest-build-provenance-1.x
• Merge into: main
• Upgrade actions/attest-build-provenance to v1.4.4

Update dependency go to 1.24

• Schedule: ["at any time"]
• Branch name: renovate/go-1.x
• Merge into: main
• Upgrade go to 1.24

Update golang Docker tag

• Schedule: ["at any time"]
• Branch name: renovate/golang-1.x
• Merge into: main
• Upgrade golang to sha256:ef5b4be1f94b36c90385abd9b6b4f201723ae28e71acacb76d00687333c17282
• Upgrade golang to 1.24-alpine

Update sigstore/cosign-installer action to v3.9.2

• Schedule: ["at any time"]
• Branch name: renovate/sigstore-cosign-installer-3.x
• Merge into: main
• Upgrade sigstore/cosign-installer to v3.9.2

Update 1password/load-secrets-action action to v2

• Schedule: ["at any time"]
• Branch name: renovate/1password-load-secrets-action-2.x
• Merge into: main
• Upgrade 1password/load-secrets-action to 581a835fb51b8e7ec56b71cf2ffddd7e68bb25e0

Update actions/attest-build-provenance action to v2

• Schedule: ["at any time"]
• Branch name: renovate/actions-attest-build-provenance-2.x
• Merge into: main
• Upgrade actions/attest-build-provenance to v2.4.0

Update actions/checkout action to v4

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-4.x
• Merge into: main
• Upgrade actions/checkout to 11bd71901bbe5b1630ceea73d27597364c9af683

Update actions/upload-artifact action to v4

• Schedule: ["at any time"]
• Branch name: renovate/major-github-artifact-actions
• Merge into: main
• Upgrade actions/upload-artifact to v4

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.