Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
76 changes: 59 additions & 17 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,23 +1,65 @@
# Dependabot version updates are intentionally disabled on this repository.
#
# The Dependabot configuration schema requires at least one entry under
# `updates`. The minimum-viable disable below uses the GitHub Actions
# ecosystem with `open-pull-requests-limit: 0` so that Dependabot cannot
# open any pull request, and by listing only one ecosystem here we ensure
# that no other ecosystem (npm, pip, cargo, etc.) will be scanned at all.
#
# To re-enable Dependabot in the future, replace this file with a full
# configuration generated from the official options reference:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
#
# Note: this file only governs Dependabot *version* updates. To also
# disable Dependabot *security* updates, toggle the repo setting
# "Dependabot security updates" off under
# Settings -> Code security and analysis on GitHub.
version: 2
updates:
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
labels:
- "dependencies"
- "npm"
commit-message:
prefix: "chore(npm)"
include: "scope"
groups:
npm-dependencies:
patterns:
- "*"

- package-ecosystem: "cargo"
directory: "/app/onchain"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
labels:
- "dependencies"
- "cargo"
commit-message:
prefix: "chore(cargo)"
include: "scope"
groups:
cargo-dependencies:
patterns:
- "*"

- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 10
labels:
- "dependencies"
- "pip"
commit-message:
prefix: "chore(pip)"
include: "scope"
groups:
pip-dependencies:
patterns:
- "*"

- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
open-pull-requests-limit: 0
open-pull-requests-limit: 10
labels:
- "dependencies"
- "github-actions"
commit-message:
prefix: "chore(actions)"
include: "scope"
groups:
github-actions-dependencies:
patterns:
- "*"
38 changes: 38 additions & 0 deletions .github/renovate.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:recommended",
"docker:pinDigests",
"helpers:pinGitHubActionDigests"
],
"packageRules": [
{
"matchManagers": ["npm"],
"groupName": "npm dependencies",
"commitMessagePrefix": "chore(npm):",
"schedule": ["before 5am on monday"]
},
{
"matchManagers": ["cargo"],
"groupName": "cargo dependencies",
"commitMessagePrefix": "chore(cargo):",
"schedule": ["before 5am on monday"]
},
{
"matchManagers": ["pip_requirements"],
"groupName": "pip dependencies",
"commitMessagePrefix": "chore(pip):",
"schedule": ["before 5am on monday"]
},
{
"matchManagers": ["github-actions"],
"groupName": "github-actions dependencies",
"commitMessagePrefix": "chore(actions):",
"schedule": ["before 5am on monday"]
}
],
"prHourlyLimit": 0,
"prConcurrentLimit": 5,
"labels": ["dependencies"],
"commitMessagePrefix": "chore(deps):"
}
13 changes: 13 additions & 0 deletions .github/workflows/contract-ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,19 @@ jobs:
with:
workspaces: "app/onchain"

- name: Enforce locked dependencies
run: cargo check --locked

- name: Ensure Cargo.lock is updated when Cargo.toml changes
if: github.event_name == 'pull_request'
run: |
git fetch origin "${{ github.base_ref }}" --depth=1
changed_files="$(git diff --name-only "origin/${{ github.base_ref }}...HEAD" -- app/onchain/Cargo.toml app/onchain/Cargo.lock)"
if echo "$changed_files" | grep -q '^app/onchain/Cargo.toml$' && ! echo "$changed_files" | grep -q '^app/onchain/Cargo.lock$'; then
echo "Cargo.toml changed without updating Cargo.lock."
exit 1
fi

- name: Check formatting
run: cargo fmt --all -- --check

Expand Down
Loading