bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-25 09:03:28 +00:00
Code Issues Releases Wiki Activity
Files
1f9758715d38da990f1e126aaa77d49aa4bf854f
browser/.github/renovate.json5
Andreas Coroiu 75b0112ce1 fix: block renovate from updating package (#19138) 
`actions/create-github-app-token` breaks test-browser-interactions.yml
if updated past v2.0.3 according to Autofill. This PR will pin the
verison untill the team can look into the issue.
2026-02-23 15:39:51 +00:00

573 lines
16 KiB
Plaintext
Raw Blame History

{
$schema: "https://docs.renovatebot.com/renovate-schema.json",
extends: ["github>bitwarden/renovate-config"], // Extends our default configuration for pinned dependencies
enabledManagers: ["cargo", "github-actions", "npm"],
packageRules: [
// ==================== Repo-Wide Update Behavior Rules ====================
{
// Group all Github Action minor updates together to reduce PR noise.
groupName: "Minor github-actions updates",
matchManagers: ["github-actions"],
matchUpdateTypes: ["minor"],
addLabels: ["hold"],
},
{
// Enable support for Rust toolchain updates.
matchManagers: ["custom.regex"],
matchDepNames: ["rust"],
commitMessageTopic: "Rust",
},
{
// Disable major and minor updates for TypeScript and Zone.js because they are managed by Angular.
matchPackageNames: ["typescript", "zone.js"],
matchUpdateTypes: ["major", "minor"],
description: "Determined by Angular",
enabled: false,
},
{
// Disable major updates for core Angular dependencies because they are managed through ng update
// when we decide to upgrade.
matchSourceUrls: [
"https://github.com/angular-eslint/angular-eslint",
"https://github.com/angular/angular-cli",
"https://github.com/angular/angular",
"https://github.com/angular/components",
"https://github.com/ng-select/ng-select",
],
matchUpdateTypes: ["major"],
description: "Manually updated using ng update",
enabled: false,
},
// ==================== Team Ownership Rules ====================
{
matchPackageNames: ["buffer", "bufferutil", "core-js", "process", "url", "util"],
description: "Admin Console owned dependencies",
commitMessagePrefix: "[deps] AC:",
reviewers: ["team:team-admin-console-dev"],
},
{
matchPackageNames: ["qrious"],
description: "Auth owned dependencies",
commitMessagePrefix: "[deps] Auth:",
reviewers: ["team:team-auth-dev"],
},
{
matchPackageNames: [
"@angular-eslint/schematics",
"@eslint/compat",
"@typescript-eslint/rule-tester",
"@typescript-eslint/utils",
"angular-eslint",
"eslint-config-prettier",
"eslint-import-resolver-typescript",
"eslint-plugin-import",
"eslint-plugin-rxjs-angular",
"eslint-plugin-rxjs",
"eslint-plugin-storybook",
"eslint-plugin-tailwindcss",
"eslint",
"husky",
"lint-staged",
"typescript-eslint",
],
description: "Architecture owned dependencies",
commitMessagePrefix: "[deps] Architecture:",
reviewers: ["team:dept-architecture"],
},
{
matchPackageNames: [
"@emotion/css",
"@webcomponents/custom-elements",
"concurrently",
"cross-env",
"del",
"ed25519",
"lit",
"@lit-labs/signals",
"patch-package",
"pkcs8",
"prettier",
"prettier-plugin-tailwindcss",
"rimraf",
"ssh-encoding",
"ssh-key",
"@storybook/web-components-vite",
"tabbable",
"tldts",
"wait-on",
],
description: "Autofill owned dependencies",
commitMessagePrefix: "[deps] Autofill:",
reviewers: ["team:team-autofill-dev"],
},
{
matchPackageNames: ["braintree-web-drop-in"],
description: "Billing owned dependencies",
commitMessagePrefix: "[deps] Billing:",
reviewers: ["team:team-billing-dev"],
},
{
matchPackageNames: [
"@babel/core",
"@babel/preset-env",
"@bitwarden/sdk-internal",
"@bitwarden/commercial-sdk-internal",
"@electron/fuses",
"@electron/notarize",
"@electron/rebuild",
"@ngtools/webpack",
"@nx/devkit",
"@nx/eslint",
"@nx/jest",
"@nx/js",
"@nx/webpack",
"@types/chrome",
"@types/firefox-webext-browser",
"@types/glob",
"@types/lowdb",
"@types/node",
"@types/node-ipc",
"@yao-pkg/pkg",
"anyhow",
"arboard",
"ashpd",
"babel-loader",
"base64-loader",
"base64",
"bindgen",
"browserslist",
"byteorder",
"bytes",
"core-foundation",
"copy-webpack-plugin",
"css-loader",
"ctor",
"dirs",
"electron",
"electron-builder",
"electron-log",
"electron-reload",
"electron-store",
"electron-updater",
"embed_plist",
"futures",
"hex",
"homedir",
"html-loader",
"html-webpack-injector",
"html-webpack-plugin",
"interprocess",
"itertools",
"json5",
"keytar",
"libc",
"lowdb",
"mini-css-extract-plugin",
"napi",
"napi-build",
"napi-derive",
"node-ipc",
"nx",
"oo7",
"oslog",
"pin-project",
"pkg",
"postcss",
"postcss-loader",
"rand",
"rxjs",
"sass",
"sass-loader",
"scopeguard",
"secmem-proc",
"security-framework",
"security-framework-sys",
"semver",
"serde",
"serde_json",
"serde_with",
"simplelog",
"style-loader",
"sysinfo",
"thiserror",
"tokio",
"tokio-util",
"tracing",
"tracing-subscriber",
"ts-node",
"ts-loader",
"tsconfig-paths-webpack-plugin",
"type-fest",
"typenum",
"typescript",
"typescript-strict-plugin",
"uniffi",
"webpack",
"webpack-cli",
"webpack-dev-server",
"webpack-node-externals",
"widestring",
"windows",
"windows-core",
"windows-future",
"windows-registry",
"zbus",
"zbus_polkit",
"zeroizing-alloc",
],
description: "Platform owned dependencies",
commitMessagePrefix: "[deps] Platform:",
reviewers: ["team:team-platform-dev"],
},
{
matchUpdateTypes: ["lockFileMaintenance"],
description: "Platform owns lock file maintenance",
commitMessagePrefix: "[deps] Platform:",
reviewers: ["team:team-platform-dev"],
},
{
matchPackageNames: [
"@angular-devkit/build-angular",
"@angular/animations",
"@angular/cdk",
"@angular/cli",
"@angular/common",
"@angular/compiler-cli",
"@angular/compiler",
"@angular/core",
"@angular/forms",
"@angular/platform-browser-dynamic",
"@angular/platform-browser",
"@angular/platform",
"@angular/router",
"axe-playwright",
"@compodoc/compodoc",
"@ng-select/ng-select",
"@storybook/addon-a11y",
"@storybook/addon-designs",
"@storybook/addon-docs",
"@storybook/addon-links",
"@storybook/test-runner",
"@storybook/addon-themes",
"@storybook/angular",
"@types/react",
"autoprefixer",
"bootstrap",
"chromatic",
"ngx-toastr",
"path-browserify",
"react",
"react-dom",
"remark-gfm",
"storybook",
"tailwindcss",
"vite-tsconfig-paths",
"zone.js",
"@tailwindcss/container-queries",
],
description: "UI Foundation owned dependencies",
commitMessagePrefix: "[deps] UI Foundation:",
reviewers: ["team:team-ui-foundation"],
},
{
matchPackageNames: [
"@types/jest",
"jest-junit",
"jest-mock-extended",
"jest-preset-angular",
"jest-diff",
"ts-jest",
],
description: "Secrets Manager owned dependencies",
commitMessagePrefix: "[deps] SM:",
reviewers: ["team:team-secrets-manager-dev"],
},
{
matchPackageNames: [
"@microsoft/signalr-protocol-msgpack",
"@microsoft/signalr",
"@types/jsdom",
"@types/papaparse",
"@types/zxcvbn",
"aes-gcm",
"async-trait",
"clap",
"jsdom",
"jszip",
"oidc-client-ts",
"papaparse",
"utf-8-validate",
"verifysign",
"zxcvbn",
],
description: "Tools owned dependencies",
commitMessagePrefix: "[deps] Tools:",
reviewers: ["team:team-tools-dev"],
},
{
matchPackageNames: [
"@koa/multer",
"@koa/router",
"@types/inquirer",
"@types/koa",
"@types/koa__multer",
"@types/koa-bodyparser",
"@types/koa-json",
"@types/lunr",
"@types/node-fetch",
"@types/proper-lockfile",
"@types/retry",
"chalk",
"commander",
"form-data",
"https-proxy-agent",
"inquirer",
"koa",
"koa-bodyparser",
"koa-json",
"lunr",
"multer",
"node-fetch",
"open",
"proper-lockfile",
"qrcode-parser",
],
description: "Vault owned dependencies",
commitMessagePrefix: "[deps] Vault:",
reviewers: ["team:team-vault-dev"],
},
{
matchPackageNames: [
"@types/node-forge",
"aes",
"big-integer",
"cbc",
"chacha20poly1305",
"linux-keyutils",
"memsec",
"node-forge",
"rsa",
"russh-cryptovec",
"sha2",
],
description: "Key Management owned dependencies",
commitMessagePrefix: "[deps] KM:",
reviewers: ["team:team-key-management-dev"],
},
// ==================== Grouping Rules ====================
// These come after any specific team assignment rules to ensure
// that grouping is not overridden by subsequent rule definitions.
{
matchPackageNames: [
"@angular-eslint/schematics",
"@eslint/compat",
"@typescript-eslint/rule-tester",
"@typescript-eslint/utils",
"angular-eslint",
"eslint-config-prettier",
"eslint-import-resolver-typescript",
"eslint-plugin-import",
"eslint-plugin-rxjs-angular",
"eslint-plugin-rxjs",
"eslint-plugin-storybook",
"eslint-plugin-tailwindcss",
"eslint",
"husky",
"lint-staged",
"typescript-eslint",
],
groupName: "Minor and patch linting updates",
matchUpdateTypes: ["minor", "patch"],
},
{
// We need to group all napi-related packages together to avoid build errors caused by version incompatibilities.
groupName: "napi",
matchPackageNames: ["napi", "napi-build", "napi-derive"],
},
{
// We need to group all macOS/iOS binding-related packages together to avoid build errors caused by version incompatibilities.
groupName: "macOS/iOS bindings",
matchPackageNames: ["core-foundation", "security-framework", "security-framework-sys"],
},
{
// We need to group all zbus-related packages together to avoid build errors caused by version incompatibilities.
groupName: "zbus",
matchPackageNames: ["zbus", "zbus_polkit"],
},
{
// We need to group all windows-related packages together to avoid build errors caused by version incompatibilities.
groupName: "windows",
matchPackageNames: ["windows", "windows-core", "windows-future", "windows-registry"],
},
{
// We need to group all tokio-related packages together to avoid build errors caused by version incompatibilities.
groupName: "tokio",
matchPackageNames: ["bytes", "tokio", "tokio-util"],
},
{
// We group all webpack build-related minor and patch updates together to reduce PR noise.
// We include patch updates here because we want PRs for webpack patch updates and it's in this group.
matchPackageNames: [
"@babel/core",
"@babel/preset-env",
"babel-loader",
"base64-loader",
"browserslist",
"copy-webpack-plugin",
"css-loader",
"html-loader",
"html-webpack-injector",
"html-webpack-plugin",
"mini-css-extract-plugin",
"postcss-loader",
"postcss",
"sass-loader",
"sass",
"style-loader",
"ts-loader",
"tsconfig-paths-webpack-plugin",
"webpack-cli",
"webpack-dev-server",
"webpack-node-externals",
"webpack",
],
description: "webpack-related build dependencies",
groupName: "Minor and patch webpack updates",
matchUpdateTypes: ["minor", "patch"],
},
{
// We need to update several Jest-related packages together, for version compatibility.
groupName: "jest",
matchPackageNames: ["@types/jest", "jest", "ts-jest", "jest-preset-angular"],
},
// ==================== Dashboard Rules ====================
{
// For the packages below, we have decided we will only be creating PRs
// for major updates, and sending minor (as well as patch) to the dashboard.
// This rule comes AFTER grouping rules so that groups are respected while still
// sending minor/patch updates to the dependency dashboard for approval.
matchPackageNames: [
"anyhow",
"arboard",
"ashpd",
"babel-loader",
"base64-loader",
"base64",
"bindgen",
"byteorder",
"bytes",
"core-foundation",
"copy-webpack-plugin",
"css-loader",
"ctor",
"dirs",
"electron-builder",
"electron-log",
"electron-reload",
"electron-store",
"electron-updater",
"embed_plist",
"futures",
"hex",
"homedir",
"html-loader",
"html-webpack-injector",
"html-webpack-plugin",
"interprocess",
"json5",
"keytar",
"libc",
"lowdb",
"mini-css-extract-plugin",
"napi",
"napi-build",
"napi-derive",
"node-ipc",
"nx",
"oo7",
"oslog",
"pin-project",
"pkg",
"postcss",
"postcss-loader",
"rand",
"sass",
"sass-loader",
"scopeguard",
"secmem-proc",
"security-framework",
"security-framework-sys",
"semver",
"serde",
"serde_json",
"simplelog",
"style-loader",
"sysinfo",
"thiserror",
"tokio",
"tokio-util",
"tracing",
"tracing-subscriber",
"ts-node",
"ts-loader",
"tsconfig-paths-webpack-plugin",
"type-fest",
"typenum",
"typescript-strict-plugin",
"uniffi",
"webpack-cli",
"webpack-dev-server",
"webpack-node-externals",
"widestring",
"windows",
"windows-core",
"windows-future",
"windows-registry",
"zbus",
"zbus_polkit",
"zeroizing-alloc",
],
matchUpdateTypes: ["minor", "patch"],
dependencyDashboardApproval: true,
},
{
// By default, we send patch updates to the Dependency Dashboard and do not generate a PR.
// We want to generate PRs for a select number of dependencies to ensure we stay up to date on these.
matchPackageNames: ["browserslist", "electron", "rxjs", "typescript", "webpack", "zone.js"],
matchUpdateTypes: ["patch"],
dependencyDashboardApproval: false,
},
// ==================== Special Version Constraints ====================
{
matchPackageNames: ["actions/create-github-app-token"],
matchFileNames: [".github/workflows/test-browser-interactions.yml"],
allowedVersions: "<= 2.0.3",
description: "Versions after v2.0.3 break the test-browser-interactions workflow. Remediation tracked in PM-28174.",
},
{
// Any versions of lowdb above 1.0.0 are not compatible with CommonJS.
matchPackageNames: ["lowdb"],
allowedVersions: "1.0.0",
description: "Higher versions of lowdb are not compatible with CommonJS",
},
{
// Pin types as well since we are not upgrading past v1 (and also v2+ does not need separate types).
matchPackageNames: ["@types/lowdb"],
allowedVersions: "< 2.0.0",
description: "Higher versions of lowdb do not need separate types",
},
],
ignoreDeps: [
"@types/koa-bodyparser",
"bootstrap",
"node-ipc",
"@bitwarden/sdk-internal",
"@bitwarden/commercial-sdk-internal",
"bitwarden-russh",
],
}
Reference in New Issue View Git Blame Copy Permalink