From 5cb1a59e99f95954bb55f186cf91e3e64a1bbec3 Mon Sep 17 00:00:00 2001 From: pooneyy <85266337+pooneyy@users.noreply.github.com> Date: Thu, 26 Feb 2026 11:27:55 +0800 Subject: [PATCH 1/4] chore(renovate): update package rules for label management - exclude github-actions manager from automatic major/pin/rollback update labeling - maintain existing label rules for other dependency managers --- renovate.json | 1 + 1 file changed, 1 insertion(+) diff --git a/renovate.json b/renovate.json index f10b60f18..0190728d9 100644 --- a/renovate.json +++ b/renovate.json @@ -18,6 +18,7 @@ "packageRules": [ { "matchUpdateTypes": ["major", "pin", "pinDigest", "digest", "lockFileMaintenance", "rollback", "bump", "replacement"], + "matchManagers": ["!github-actions"], "addLabels": ["{{ updateType }}"] }, { From b97d56aa14dc3f3dc5924825478f9efd709a5e89 Mon Sep 17 00:00:00 2001 From: pooneyy <85266337+pooneyy@users.noreply.github.com> Date: Thu, 26 Feb 2026 11:46:46 +0800 Subject: [PATCH 2/4] ci(build-docker): update github actions attestation workflow - update action from `actions/attest-build-provenance` to `actions/attest` for artifact attestation step --- .github/workflows/build-docker-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index e9d790cdb..553684828 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -128,7 +128,7 @@ jobs: - name: Set up Ruby uses: ruby/setup-ruby@v1 with: - ruby-version: '3.4.7' + ruby-version: '4.0.1' - name: Get license run: | gem install licensee @@ -243,7 +243,7 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY - name: Generate artifact attestation - uses: actions/attest-build-provenance@v3 + uses: actions/attest@v4 with: subject-name: ${{ env.IMAGE_FULL_NAME }} subject-digest: ${{ steps.push.outputs.digest }} From 7d738c49321de22a29fae99c29a06dfcb12edff0 Mon Sep 17 00:00:00 2001 From: pooneyy <85266337+pooneyy@users.noreply.github.com> Date: Thu, 26 Feb 2026 11:59:51 +0800 Subject: [PATCH 3/4] chore(renovate): update renovate configuration - format extends array to single line - add baseBranchPatterns to include localApps and config branches --- renovate.json | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/renovate.json b/renovate.json index 0190728d9..b30c04329 100644 --- a/renovate.json +++ b/renovate.json @@ -1,8 +1,7 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": [ - "config:recommended" - ], + "extends": ["config:recommended"], + "baseBranchPatterns": ["localApps", "config"], "gitIgnoredAuthors": [ "41898282+github-actions[bot]@users.noreply.github.com", "85266337+pooneyy@users.noreply.github.com" From f4dbbbebe56aad10d4f419ec3470db8ef10db962 Mon Sep 17 00:00:00 2001 From: pooneyy <85266337+pooneyy@users.noreply.github.com> Date: Thu, 26 Feb 2026 12:33:29 +0800 Subject: [PATCH 4/4] chore(renovate): disable github-actions updates for localApps branch --- renovate.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/renovate.json b/renovate.json index b30c04329..c25ff486e 100644 --- a/renovate.json +++ b/renovate.json @@ -20,6 +20,11 @@ "matchManagers": ["!github-actions"], "addLabels": ["{{ updateType }}"] }, + { + "matchBaseBranches": ["localApps"], + "matchManagers": ["github-actions"], + "enabled": false + }, { "matchManagers": [ "docker-compose"