From 06725504a31bcedb9a2010e49f1d765a3ef888a9 Mon Sep 17 00:00:00 2001 From: Michael Kriese Date: Mon, 25 Mar 2024 14:41:46 +0100 Subject: [PATCH] Enable renovate osv vulnerability alerts --- .forgejo/workflows/renovate.yml | 4 ++++ renovate.json | 1 + 2 files changed, 5 insertions(+) diff --git a/.forgejo/workflows/renovate.yml b/.forgejo/workflows/renovate.yml index d26672d59..f24ae809e 100644 --- a/.forgejo/workflows/renovate.yml +++ b/.forgejo/workflows/renovate.yml @@ -30,6 +30,7 @@ jobs: with: path: | .tmp/cache/renovate/repository + .tmp/osv key: repo-cache-${{ github.run_id }} restore-keys: | repo-cache- @@ -51,10 +52,13 @@ jobs: GIT_COMMITTER_NAME: 'Renovate Bot' GIT_COMMITTER_EMAIL: 'forgejo-renovate-action@forgejo.org' + OSV_OFFLINE_ROOT_DIR: ${{ github.workspace }}/.tmp/osv + - name: Save renovate repo cache if: always() && env.RENOVATE_DRY_RUN != 'full' uses: https://code.forgejo.org/actions/cache/save@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2 with: path: | .tmp/cache/renovate/repository + .tmp/osv key: repo-cache-${{ github.run_id }} diff --git a/renovate.json b/renovate.json index a6b36af60..365193ad1 100644 --- a/renovate.json +++ b/renovate.json @@ -19,6 +19,7 @@ "postUpdateOptions": ["gomodTidy", "gomodUpdateImportPaths", "npmDedupe"], "prConcurrentLimit": 5, "internalChecksFilter": "strict", + "osvVulnerabilityAlerts": true, "packageRules": [ { "description": "Require approval for go and python minor version",