Files
plex-playlist/renovate.json
Xlorep DarkHelm 9b742a5a6d
Some checks failed
CICD Start / Sanity and Base Decision (push) Successful in 18s
Renovate Dependency Updates / Renovate Dependencies (push) Failing after 7m19s
feature/pp-58-runtime-image-contract (#68)
## Summary

This PR tightens repository quality enforcement around markdown and documentation. It adds `markdownlint` to the `cicd-checks` workflow, expands pre-commit coverage so markdown files are checked repo-wide, and cleans up the PP-58 documentation set to keep it aligned with the new policy.

## What changed

- Added a `Markdownlint Check` entry to `.gitea/workflows/cicd-checks.yaml`
- Added `markdownlint` to pre-commit and widened prettier coverage to include markdown files across the repo
- Updated `README.md` to satisfy markdownlint line-length rules
- Normalized the PP-58 documentation set:
  - `docs/DEPLOYABLE_RUNTIME_CONTRACT.md`
  - `docs/adr/ADR003-deployable_runtime_image_contract.md`
  - `docs/DEVELOPMENT.md`
  - `docs/CICD_MULTI_STAGE_BUILD.md`
  - `docs/CICD_TROUBLESHOOTING_GUIDE.md`
  - `docs/SECURE_DOCKER_CICD.md`

## Validation

- `pre-commit run markdownlint --files README.md docs/DEPLOYABLE_RUNTIME_CONTRACT.md`
- `pre-commit run prettier --files README.md docs/DEPLOYABLE_RUNTIME_CONTRACT.md`
- Workflow YAML validation returned no errors

## Notes

This change does not alter application runtime behavior. It only strengthens CI and documentation quality enforcement.

Co-authored-by: copilotcoder <copilotcoder@darkhelm.org>
Reviewed-on: #68
2026-06-19 17:00:57 -04:00

116 lines
4.7 KiB
JSON

{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
":dependencyDashboard",
":semanticCommits",
":separatePatchReleases"
],
"timezone": "America/New_York",
"schedule": ["before 9am every weekday"],
"prConcurrentLimit": 5,
"branchConcurrentLimit": 10,
"prHourlyLimit": 2,
"packageRules": [
{
"description": "Automerge non-major updates for high-confidence packages",
"matchUpdateTypes": ["minor", "patch", "pin", "digest"],
"matchPackagePatterns": [
"^@types/",
"^eslint",
"^prettier",
"^ruff",
"^pytest"
],
"automerge": true,
"automergeType": "branch"
},
{
"description": "Group Python dev tools updates",
"matchManagers": ["uv"],
"matchCategories": ["python"],
"matchDepTypes": ["dev-dependencies"],
"groupName": "Python dev tools",
"schedule": ["before 9am on monday"]
},
{
"description": "Group Frontend dev tools updates",
"matchManagers": ["npm"],
"matchDepTypes": ["devDependencies"],
"matchPackagePatterns": [
"^@typescript-eslint/",
"^eslint",
"^prettier",
"^vite",
"^vitest",
"^playwright"
],
"groupName": "Frontend dev tools",
"schedule": ["before 9am on monday"]
},
{
"description": "Group Docker base image updates",
"matchManagers": ["dockerfile"],
"matchPackageNames": ["ubuntu", "node", "python"],
"groupName": "Docker base images",
"schedule": ["before 9am on monday"],
"automerge": false,
"reviewersFromCodeOwners": true
},
{
"description": "Security updates - high priority",
"matchPackagePatterns": [".*"],
"vulnerabilityAlerts": true,
"prPriority": 10,
"automerge": false,
"labels": ["security"],
"reviewersFromCodeOwners": true
},
{
"description": "Major updates - require manual review",
"matchUpdateTypes": ["major"],
"automerge": false,
"labels": ["major-update"],
"prPriority": 5,
"reviewersFromCodeOwners": true
}
],
"customManagers": [
{
"description": "Update Python version in Dockerfiles",
"customType": "regex",
"fileMatch": ["^Dockerfile.*$"],
"matchStrings": ["FROM python:(?<currentValue>\\d+\\.\\d+)"],
"datasourceTemplate": "docker",
"depNameTemplate": "python",
"versioningTemplate": "loose"
},
{
"description": "Update Node.js version in Dockerfiles",
"customType": "regex",
"fileMatch": ["^Dockerfile.*$"],
"matchStrings": ["FROM node:(?<currentValue>\\d+)"],
"datasourceTemplate": "docker",
"depNameTemplate": "node",
"versioningTemplate": "node"
}
],
"osvVulnerabilityAlerts": true,
"vulnerabilityAlerts": {
"enabled": true,
"schedule": ["at any time"]
},
"labels": ["dependencies"],
"commitMessagePrefix": "chore:",
"commitMessageTopic": "{{depName}}",
"commitMessageExtra": "to {{newVersion}}",
"commitMessageSuffix": "",
"prTitle": "{{commitMessagePrefix}} {{commitMessageAction}} {{commitMessageTopic}} {{commitMessageExtra}}",
"prBodyTemplate": "This PR contains the following updates:\n\n| Package | Change | Age | Adoption | Passing | Confidence |\n|---|---|---|---|---|---|\n{{#each upgrades}}\n|{{depName}}|{{#if displayFrom}}`{{{displayFrom}}}` -> `{{{displayTo}}}`{{else}}`{{{newVersion}}}`{{/if}}|[![age](https://badges.renovateapi.com/packages/{{datasource}}/{{depName}}/{{newVersion}}/age-slim)](https://docs.renovatebot.com/merge-confidence/)|[![adoption](https://badges.renovateapi.com/packages/{{datasource}}/{{depName}}/{{newVersion}}/adoption-slim)](https://docs.renovatebot.com/merge-confidence/)|[![passing](https://badges.renovateapi.com/packages/{{datasource}}/{{depName}}/{{newVersion}}/compatibility-slim/{{currentVersion}})](https://docs.renovatebot.com/merge-confidence/)|[![confidence](https://badges.renovateapi.com/packages/{{datasource}}/{{depName}}/{{newVersion}}/confidence-slim/{{currentVersion}})](https://docs.renovatebot.com/merge-confidence/)|\n{{/each}}\n\n---\n\n### Release Notes\n\n{{#each upgrades}}\n{{#if hasReleaseNotes}}\n<details>\n<summary>{{depName}}</summary>\n\n{{#each releases}}\n#### {{title}}\n\n{{#if body}}\n{{body}}\n{{/if}}\n{{/each}}\n\n</details>\n{{/if}}\n{{/each}}\n\n### Configuration\n\n📅 **Schedule**: {{schedule}}\n\n🚦 **Automerge**: {{#if isAutomerge}}Enabled{{else}}Disabled{{/if}}\n\n♻ **Rebasing**: {{#if isRebasing}}Rebasing{{else}}Not rebasing{{/if}}\n\n👥 **Reviewers**: {{#if reviewers}}{{reviewers}}{{else}}None{{/if}}\n\n---\n\n*This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).*"
}