Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• dtw/package.json (npm)
• dynamic-time-warping/package.json (npm)
• package.json (npm)
• sciquence/requirements.txt (pip_requirements)
• dtw-python/setup.py (pip_setup)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Enable Renovate Dependency Dashboard creation
• If semantic commits detected, use semantic commit type fix for dependencies and chore for all others
• Ignore node_modules, bower_components, vendor and various test/tests directories
• Autodetect whether to pin dependencies or maintain ranges
• Rate limit PR creation to a maximum of two per hour
• Limit to maximum 10 open PRs at any time
• Group known monorepo packages together
• Use curated list of recommended non-monorepo package groupings
• Fix some problems with very old Maven commons versions
• Ignore spring cloud 1.x releases
• Ignore web3j 5.0.0 release
• Ignore http4s digest-based 1.x milestones
• Use node versioning for @types/node
• Limit concurrent requests to reduce load on Repology servers until we can fix this properly, see issue 10133
• Do not upgrade from Alpine stable to edge

🔡 Would you like to change the way Renovate is upgrading your dependencies? Simply edit the renovate.json in this branch with your custom config and the list of Pull Requests in the "What to Expect" section below will be updated the next time Renovate runs.

---

What to Expect

With your current configuration, Renovate will create 21 Pull Requests:

Update dependency ansi-regex [SECURITY]

• Branch name: renovate/npm-ansi-regex-vulnerability
• Merge into: master
• Upgrade ansi-regex to 3.0.1
• Upgrade ansi-regex to 5.0.1

Update dependency json-schema to 0.4.0 [SECURITY]

• Branch name: renovate/npm-json-schema-vulnerability
• Merge into: master
• Upgrade json-schema to 0.4.0

Update dependency markdown-it to 12.3.2 [SECURITY]

• Branch name: renovate/npm-markdown-it-vulnerability
• Merge into: master
• Upgrade markdown-it to 12.3.2

Update dependency marked to 4.0.10 [SECURITY]

• Branch name: renovate/npm-marked-vulnerability
• Merge into: master
• Upgrade marked to 4.0.10

Update dependency minimist to 1.2.6 [SECURITY]

• Branch name: renovate/npm-minimist-vulnerability
• Merge into: master
• Upgrade minimist to 1.2.6

Update dependency mustache to 2.2.1 [SECURITY]

• Branch name: renovate/npm-mustache-vulnerability
• Merge into: master
• Upgrade mustache to 2.2.1

Update dependency nanoid to 3.1.31 [SECURITY]

• Branch name: renovate/npm-nanoid-vulnerability
• Merge into: master
• Upgrade nanoid to 3.1.31

Update dependency node-fetch to 2.6.7 [SECURITY]

• Branch name: renovate/npm-node-fetch-vulnerability
• Merge into: master
• Upgrade node-fetch to 2.6.7

Update dependency npm to 8.11.0 [SECURITY]

• Branch name: renovate/npm-npm-vulnerability
• Merge into: master
• Upgrade npm to 8.11.0

Update dependency semver-regex to 3.1.4 [SECURITY]

• Branch name: renovate/npm-semver-regex-vulnerability
• Merge into: master
• Upgrade semver-regex to 3.1.4

Pin dependencies

• Schedule: ["at any time"]
• Branch name: renovate/pin-dependencies
• Merge into: master
• Pin dtw to 0.0.3
• Pin dynamic-time-warping to 1.0.0
• Pin dynamic-time-warping-2 to 1.1.2
• Pin dynamic-time-warping-ts to 1.0.0
• Pin grunt-cli to 1.4.3
• Pin grunt-contrib-connect to 1.0.2
• Pin grunt-contrib-jshint to 1.1.0
• Pin grunt-contrib-qunit to 1.3.0
• Pin grunt-contrib-uglify to 2.3.0
• Pin grunt-contrib-watch to 1.1.0
• Pin grunt-coveralls to 1.0.1
• Pin grunt-jscs to 3.0.1
• Pin grunt-jsonlint to 1.1.0
• Pin grunt-qunit-istanbul to 0.6.0
• Pin semantic-release to 18.0.0

Update dependency semantic-release to v18.0.1

• Schedule: ["at any time"]
• Branch name: renovate/semantic-release-monorepo
• Merge into: master
• Upgrade semantic-release to 18.0.1

Update dependency grunt to v1 [SECURITY]

• Branch name: renovate/npm-grunt-vulnerability
• Merge into: master
• Upgrade grunt to ^1.5.3

Update dependency grunt-contrib-connect to v3

• Schedule: ["at any time"]
• Branch name: renovate/grunt-contrib-connect-3.x
• Merge into: master
• Upgrade grunt-contrib-connect to 3.0.0

Update dependency grunt-contrib-jshint to v3

• Schedule: ["at any time"]
• Branch name: renovate/grunt-contrib-jshint-3.x
• Merge into: master
• Upgrade grunt-contrib-jshint to 3.2.0

Update dependency grunt-contrib-qunit to v6

• Schedule: ["at any time"]
• Branch name: renovate/grunt-contrib-qunit-6.x
• Merge into: master
• Upgrade grunt-contrib-qunit to 6.1.0

Update dependency grunt-contrib-uglify to v5

• Schedule: ["at any time"]
• Branch name: renovate/grunt-contrib-uglify-5.x
• Merge into: master
• Upgrade grunt-contrib-uglify to 5.2.1

Update dependency grunt-coveralls to v2

• Schedule: ["at any time"]
• Branch name: renovate/grunt-coveralls-2.x
• Merge into: master
• Upgrade grunt-coveralls to 2.0.0

Update dependency grunt-jsonlint to v2

• Schedule: ["at any time"]
• Branch name: renovate/grunt-jsonlint-2.x
• Merge into: master
• Upgrade grunt-jsonlint to 2.1.3

Update dependency grunt-qunit-istanbul to v1

• Schedule: ["at any time"]
• Branch name: renovate/grunt-qunit-istanbul-1.x
• Merge into: master
• Upgrade grunt-qunit-istanbul to 1.1.0

Update dependency semantic-release to v19

• Schedule: ["at any time"]
• Branch name: renovate/major-semantic-release-monorepo
• Merge into: master
• Upgrade semantic-release to 19.0.2

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or spam the project. See docs for prhourlylimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Mend Renovate. View repository job log here.

[viezly]

Pull request by bot. No need to analyze