Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• Dockerfile (dockerfile)
• package.json (npm)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation
• If semantic commits detected, use semantic commit type fix for dependencies and chore for all others
• Ignore node_modules, bower_components, vendor and various test/tests directories
• Autodetect whether to pin dependencies or maintain ranges
• Rate limit PR creation to a maximum of two per hour
• Limit to maximum 10 open PRs at any time
• Group known monorepo packages together
• Use curated list of recommended non-monorepo package groupings
• Fix some problems with very old Maven commons versions
• Ignore spring cloud 1.x releases
• Ignore web3j 5.0.0 release
• Ignore http4s digest-based 1.x milestones
• Use node versioning for @types/node
• Limit concurrent requests to reduce load on Repology servers until we can fix this properly, see issue 10133
• Do not upgrade from Alpine stable to edge

🔡 Would you like to change the way Renovate is upgrading your dependencies? Simply edit the renovate.json in this branch with your custom config and the list of Pull Requests in the "What to Expect" section below will be updated the next time Renovate runs.

---

What to Expect

With your current configuration, Renovate will create 27 Pull Requests:

Update dependency acorn to 5.7.4 [SECURITY]

• Branch name: renovate/npm-acorn-vulnerability
• Merge into: master
• Upgrade acorn to 5.7.4

Update dependency ajv to 6.12.3 [SECURITY]

• Branch name: renovate/npm-ajv-vulnerability
• Merge into: master
• Upgrade ajv to 6.12.3

Update dependency axios to 0.21.1 [SECURITY]

• Branch name: renovate/npm-axios-vulnerability
• Merge into: master
• Upgrade axios to 0.21.1

Update dependency dot-prop to 4.2.1 [SECURITY]

• Branch name: renovate/npm-dot-prop-vulnerability
• Merge into: master
• Upgrade dot-prop to 4.2.1

Update dependency follow-redirects to 1.14.8 [SECURITY]

• Branch name: renovate/npm-follow-redirects-vulnerability
• Merge into: master
• Upgrade follow-redirects to 1.14.8

Update dependency glob-parent to 5.1.2 [SECURITY]

• Branch name: renovate/npm-glob-parent-vulnerability
• Merge into: master
• Upgrade glob-parent to 5.1.2

Update dependency handlebars to 4.7.7 [SECURITY]

• Branch name: renovate/npm-handlebars-vulnerability
• Merge into: master
• Upgrade handlebars to 4.7.7

Update dependency hosted-git-info to 2.8.9 [SECURITY]

• Branch name: renovate/npm-hosted-git-info-vulnerability
• Merge into: master
• Upgrade hosted-git-info to 2.8.9

Update dependency ini to 1.3.6 [SECURITY]

• Branch name: renovate/npm-ini-vulnerability
• Merge into: master
• Upgrade ini to 1.3.6

Update dependency kind-of to 6.0.3 [SECURITY]

• Branch name: renovate/npm-kind-of-vulnerability
• Merge into: master
• Upgrade kind-of to 6.0.3

Update dependency lodash to 4.17.21 [SECURITY]

• Branch name: renovate/npm-lodash-vulnerability
• Merge into: master
• Upgrade lodash to 4.17.21

Update dependency minimist to 1.2.6 [SECURITY]

• Branch name: renovate/npm-minimist-vulnerability
• Merge into: master
• Upgrade minimist to 1.2.6

Update dependency node-notifier to 8.0.1 [SECURITY]

• Branch name: renovate/npm-node-notifier-vulnerability
• Merge into: master
• Upgrade node-notifier to 8.0.1

Update dependency path-parse to 1.0.7 [SECURITY]

• Branch name: renovate/npm-path-parse-vulnerability
• Merge into: master
• Upgrade path-parse to 1.0.7

Update dependency tmpl to 1.0.5 [SECURITY]

• Branch name: renovate/npm-tmpl-vulnerability
• Merge into: master
• Upgrade tmpl to 1.0.5

Update dependency undefsafe to 2.0.3 [SECURITY]

• Branch name: renovate/npm-undefsafe-vulnerability
• Merge into: master
• Upgrade undefsafe to 2.0.3

Update dependency y18n to 4.0.1 [SECURITY]

• Branch name: renovate/npm-y18n-vulnerability
• Merge into: master
• Upgrade y18n to 4.0.1

Update dependency yargs-parser to 13.1.2 [SECURITY]

• Branch name: renovate/npm-yargs-parser-vulnerability
• Merge into: master
• Upgrade yargs-parser to 13.1.2

Pin dependencies

• Schedule: ["at any time"]
• Branch name: renovate/pin-dependencies
• Merge into: master
• Pin dotenv to 8.0.0
• Pin nodemon to 1.19.1

Update dependency nodemon to v1.19.4

• Schedule: ["at any time"]
• Branch name: renovate/nodemon-1.x
• Merge into: master
• Upgrade nodemon to 1.19.4

Update Node.js to v12.22.12

• Schedule: ["at any time"]
• Branch name: renovate/node-12.x
• Merge into: master
• Upgrade node to 12.22.12

Update dependency dotenv to v8.6.0

• Schedule: ["at any time"]
• Branch name: renovate/dotenv-8.x
• Merge into: master
• Upgrade dotenv to 8.6.0

Update Node.js to v18

• Schedule: ["at any time"]
• Branch name: renovate/node-18.x
• Merge into: master
• Upgrade node to 18.3.0

Update dependency dotenv to v16

• Schedule: ["at any time"]
• Branch name: renovate/dotenv-16.x
• Merge into: master
• Upgrade dotenv to 16.0.1

Update dependency jest to v28

• Schedule: ["at any time"]
• Branch name: renovate/major-jest-monorepo
• Merge into: master
• Upgrade jest to ^28.0.0

Update dependency joi to v17

• Schedule: ["at any time"]
• Branch name: renovate/joi-17.x
• Merge into: master
• Upgrade joi to ^17.0.0

Update dependency nodemon to v2

• Schedule: ["at any time"]
• Branch name: renovate/nodemon-2.x
• Merge into: master
• Upgrade nodemon to 2.0.16

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or spam the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Mend Renovate. View repository job log here.