Configure Renovate by renovate[bot] · Pull Request #227 · communitiesuk/digital-form-builder-adapter

renovate · 2025-09-26T09:54:59Z

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

Detected Package Files

docker-compose.dev.yml (docker-compose)
docker-compose.devcontainer.yml (docker-compose)
docker-compose.e2e.yml (docker-compose)
docker-compose.yml (docker-compose)
.devcontainer/Dockerfile (dockerfile)
designer/Dockerfile (dockerfile)
mock-preaward/Dockerfile (dockerfile)
runner/Dockerfile (dockerfile)
.github/workflows/anchore-scan.yml (github-actions)
.github/workflows/codeql-analysis.yml (github-actions)
.github/workflows/copilot_deploy.yml (github-actions)
.github/workflows/deploy.yml (github-actions)
.github/workflows/submodule-tracking.yml (github-actions)
designer/package.json (npm)
e2e-test/package.json (npm)
mock-preaward/package.json (npm)
model/package.json (npm)
package.json (npm)
runner/package.json (npm)
renovate.json (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

Start dependency updates only once this onboarding PR is merged
Hopefully safe environment variables to allow users to configure.
Show all Merge Confidence badges for pull requests.
Enable Renovate Dependency Dashboard creation.
Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
Group known monorepo packages together.
Use curated list of recommended non-monorepo package groupings.
Show only the Age and Confidence Merge Confidence badges for pull requests.
Apply crowd-sourced package replacement rules.
Apply crowd-sourced workarounds for known problems with packages.
Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
Correctly link to the source code for golang.org/x packages
Link to pkg.go.dev/... for golang.org/x packages' title
Pin Docker digests.
Pin github-action digests.
Enable Renovate configuration migration PRs when needed.
Pin dependency versions for development dependencies.
Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
Run lock file maintenance (updates) early Monday mornings.
Run Renovate on following schedule: * * * * 1

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

What to Expect

With your current configuration, Renovate will create 63 Pull Requests:

chore(deps): update dependency nanoid to v5.0.9 [security]

Branch name: renovate/npm-nanoid-vulnerability
Merge into: main
Upgrade nanoid to 5.0.9

chore(deps): update dependency webpack-dev-server to v5 [security]

Branch name: renovate/npm-webpack-dev-server-vulnerability
Merge into: main
Upgrade webpack-dev-server to ^5.0.0

chore(deps): replace dependency babel-eslint with @babel/eslint-parser ^7.11.0

Schedule: ["* * * * 1"]
Branch name: renovate/babel-eslint-replacement
Merge into: main
Upgrade babel-eslint to ^7.11.0

chore(deps): pin docker digests

Schedule: ["* * * * 1"]
Branch name: renovate/digests-pin
Merge into: main
Pin node to 20.20.1-alpine
Pin node to 24.14.0-alpine

fix(deps): pin dependencies

Schedule: ["* * * * 1"]
Branch name: renovate/pin-dependencies
Merge into: main
Pin @babel/cli to 7.24.7
Pin @babel/core to 7.24.7
Pin @babel/eslint-parser to 7.24.7
Pin @babel/eslint-plugin to 7.24.7
Pin @babel/node to 7.24.7
Pin @babel/plugin-proposal-export-default-from to 7.24.7
Pin @babel/plugin-syntax-dynamic-import to 7.8.3
Pin @babel/plugin-transform-class-properties to 7.24.7
Pin @babel/plugin-transform-classes to 7.24.7
Pin @babel/plugin-transform-logical-assignment-operators to 7.24.7
Pin @babel/plugin-transform-modules-commonjs to 7.24.7
Pin @babel/plugin-transform-nullish-coalescing-operator to 7.24.7
Pin @babel/plugin-transform-optional-chaining to 7.24.7
Pin @babel/plugin-transform-private-methods to 7.24.7
Pin @babel/plugin-transform-runtime to 7.24.7
Pin @babel/preset-env to 7.24.7
Pin @babel/preset-react to 7.24.7
Pin @babel/preset-typescript to 7.24.7
Pin @babel/register to 7.24.6
Pin @badeball/cypress-cucumber-preprocessor to 20.1.2
Pin @cypress/webpack-preprocessor to 6.0.2
Pin @sentry/node to 8.55.0
Pin @testing-library/cypress to 10.0.2
Pin @testing-library/dom to 10.4.0
Pin @testing-library/user-event to 14.5.2
Pin @tsconfig/recommended to 1.0.7
Pin @types/cors to 2.8.19
Pin @types/express to 4.17.25
Pin @types/hoek to 4.1.7
Pin @types/node to 20.19.37
Pin @types/node to 20.14.10
Upgrade actions/cache to 6f8efc29b200d32929f49075959781ed54ec270c
Upgrade actions/cache to 0057852bfaa89a56745cba8c7296529d2fc39830
Upgrade actions/checkout to 34e114876b0b11c390a56381ad16ebd13914f8d5
Upgrade actions/checkout to ee0669bd1cc54295c223e0bb666b733df41de1c5
Upgrade actions/setup-node to 3235b876344d2a9aa001b8d1453c930bba69e610
Upgrade actions/upload-artifact to b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
Upgrade actions/upload-artifact to 84480863f228bb9747b473957fcc9e309aa96097
Upgrade anchore/scan-action to 3c947f31798e0e3e9fa2bf18282aeb57a1a4aaa5
Pin autoprefixer to 10.4.19
Pin babel-eslint to 10.1.0
Pin babel-loader to 8.3.0
Pin babel-plugin-module-name-mapper to 1.2.0
Pin babel-plugin-module-resolver to 4.1.0
Pin babel-preset-env to 1.7.0
Pin clean-webpack-plugin to 4.0.0
Pin concurrently to 7.6.0
Pin copy-webpack-plugin to 6.4.1
Pin cors to 2.8.6
Pin css-loader to 4.3.0
Pin cypress to 13.13.3
Pin cypress-file-upload to 5.0.8
Upgrade docker/build-push-action to 0a97817b6ade9f46837855d676c4cca3a2471fc9
Upgrade docker/login-action to dd4fa0671be5250ee6f50aedf4cb05514abda2c7
Upgrade docker/metadata-action to 818d4b7b91585d195f67373fd9cb0332e31a7175
Upgrade docker/setup-buildx-action to 8d2750c68a42422c14e847fe6c8ac0403b4cbd6f
Pin eslint-plugin-json to 4.0.1
Pin express to 4.22.1
Pin file-loader to 6.2.0
Upgrade ghcr.io/communitiesuk/funding-service-design-form-designer-adapter to sha256:b10e1cc2fdcc4a8b71cb13b759c6df98bb637d1bbe724967ebe4c1e8e34b1a09
Upgrade ghcr.io/communitiesuk/funding-service-design-form-runner-adapter to sha256:72753be99ca17093a4b80fa0771d6f83f3c595b477519ac428483a792f17dc7b
Upgrade github/codeql-action to 603b797f8b14b413fe025cd935a91c16c4782713
Pin html-webpack-plugin to 4.5.2
Upgrade localstack/localstack to sha256:3ebc37595918b8accb852f8048fef2aff047d465167edd655528065b07bc364a
Pin mini-css-extract-plugin to 0.11.3
Pin node to 20.20.1
Pin nodemon to 3.1.14
Pin nodemon to 2.0.22
Upgrade peter-evans/create-pull-request to 4e1beaa7521e8b457b572c090b25bd3db56bf1c5
Pin postcss to 8.4.39
Pin postcss-loader to 4.3.0
Pin prettier to 3.3.3
Pin prisma to 5.16.2
Upgrade redis to sha256:315270d166080f537bbdf1b489b603aaaa213cb55a544acfa51feb7481abb1c0
Pin sass to 1.77.7
Pin sass to 1.77.6
Pin sass-loader to 10.5.2
Upgrade satackey/action-docker-layer-caching to 46d2c640b1d8ef50d185452ad6fb324e6bd1d052
Pin sinon to 19.0.2
Pin ts-node to 10.9.2
Pin ts-node-dev to 1.1.8
Pin typescript to 5.9.3
Pin webpack to 4.47.0
Pin webpack-bundle-analyzer to 4.10.2
Pin webpack-cli to 3.3.12
Pin webpack-node-externals to 2.5.2

fix(deps): pin dependency govuk-frontend to 5.11.0

Schedule: ["* * * * 1"]
Branch name: renovate/gov.uk-frontend
Merge into: main
Pin govuk-frontend to 5.11.0

chore(deps): update dependency @tsconfig/recommended to ^1.0.7

Schedule: ["* * * * 1"]
Branch name: renovate/tsconfig-recommended-1.x
Merge into: main
Upgrade @tsconfig/recommended to ^1.0.7

chore(deps): update dependency autoprefixer to ^10.4.19

Schedule: ["* * * * 1"]
Branch name: renovate/autoprefixer-10.x
Merge into: main
Upgrade autoprefixer to ^10.4.19

chore(deps): update actions/upload-artifact action to v4.6.2

Schedule: ["* * * * 1"]
Branch name: renovate/actions-upload-artifact-4.x
Merge into: main
Upgrade actions/upload-artifact to ea165f8d65b6e75b540449e92b4886f43607fa02

chore(deps): update babel monorepo

Schedule: ["* * * * 1"]
Branch name: renovate/babel-monorepo
Merge into: main
Upgrade @babel/cli to ^7.28.6
Upgrade @babel/core to ^7.29.0
Upgrade @babel/eslint-parser to ^7.28.6
Upgrade @babel/eslint-plugin to ^7.27.1
Upgrade @babel/node to ^7.29.0
Upgrade @babel/plugin-proposal-export-default-from to ^7.27.1
Upgrade @babel/plugin-transform-class-properties to ^7.28.6
Upgrade @babel/plugin-transform-classes to ^7.28.6
Upgrade @babel/plugin-transform-logical-assignment-operators to ^7.28.6
Upgrade @babel/plugin-transform-modules-commonjs to ^7.28.6
Upgrade @babel/plugin-transform-nullish-coalescing-operator to ^7.28.6
Upgrade @babel/plugin-transform-optional-chaining to ^7.28.6
Upgrade @babel/plugin-transform-private-methods to ^7.28.6
Upgrade @babel/plugin-transform-runtime to ^7.29.0
Upgrade @babel/preset-env to ^7.29.0
Upgrade @babel/preset-react to ^7.28.5
Upgrade @babel/preset-typescript to ^7.28.5
Upgrade @babel/register to ^7.24.6

chore(deps): update dependency @types/node to ^20.14.10

Schedule: ["* * * * 1"]
Branch name: renovate/node-20.x
Merge into: main
Upgrade @types/node to ^20.14.10

chore(deps): update dependency cypress to ^13.17.0

Schedule: ["* * * * 1"]
Branch name: renovate/cypress-13.x
Merge into: main
Upgrade cypress to ^13.17.0

chore(deps): update dependency hapi-auth-jwt2 to v10.7.0

Schedule: ["* * * * 1"]
Branch name: renovate/hapi-auth-jwt2-10.x
Merge into: main
Upgrade hapi-auth-jwt2 to 10.7.0

chore(deps): update dependency mini-css-extract-plugin to ^0.12.0

Schedule: ["* * * * 1"]
Branch name: renovate/mini-css-extract-plugin-0.x
Merge into: main
Upgrade mini-css-extract-plugin to ^0.12.0

chore(deps): update dependency postcss to ^8.5.8

Schedule: ["* * * * 1"]
Branch name: renovate/postcss-8.x
Merge into: main
Upgrade postcss to ^8.5.8

chore(deps): update dependency prettier to ^3.8.1

Schedule: ["* * * * 1"]
Branch name: renovate/prettier-3.x
Merge into: main
Upgrade prettier to ^3.8.1

chore(deps): update dependency prisma to ^5.22.0

Schedule: ["* * * * 1"]
Branch name: renovate/prisma-monorepo
Merge into: main
Upgrade prisma to ^5.22.0

chore(deps): update dependency sass to ^1.98.0

Schedule: ["* * * * 1"]
Branch name: renovate/sass-1.x
Merge into: main
Upgrade sass to ^1.98.0

chore(deps): update testing-library monorepo

Schedule: ["* * * * 1"]
Branch name: renovate/testing-library-monorepo
Merge into: main
Upgrade @testing-library/cypress to ^10.1.0
Upgrade @testing-library/user-event to ^14.6.1

chore(deps): update yarn to v3.8.7

Schedule: ["* * * * 1"]
Branch name: renovate/yarn-monorepo
Merge into: main
Upgrade yarn to 3.8.7

fix(deps): update aws-sdk-js-v3 monorepo to v3.1009.0

Schedule: ["* * * * 1"]
Branch name: renovate/aws-sdk-js-v3-monorepo
Merge into: main
Upgrade @aws-sdk/client-s3 to 3.1009.0
Upgrade @aws-sdk/lib-storage to 3.1009.0
Upgrade @aws-sdk/s3-request-presigner to 3.1009.0

fix(deps): update dependency tinymce to v7.9.2

Schedule: ["* * * * 1"]
Branch name: renovate/tinymce-7.x
Merge into: main
Upgrade tinymce to 7.9.2

chore(deps): update actions/cache action to v5

Schedule: ["* * * * 1"]
Branch name: renovate/actions-cache-5.x
Merge into: main
Upgrade actions/cache to cdf6c1fa76f9f475f3d7449005a359c84ca0f306

chore(deps): update actions/checkout action to v6

Schedule: ["* * * * 1"]
Branch name: renovate/actions-checkout-6.x
Merge into: main
Upgrade actions/checkout to de0fac2e4500dabe0009e67214ff5f5447ce83dd

chore(deps): update actions/setup-node action to v6

Schedule: ["* * * * 1"]
Branch name: renovate/actions-setup-node-6.x
Merge into: main
Upgrade actions/setup-node to 53b83947a5a98c8d113130e565377fae1a50d02f

chore(deps): update actions/upload-artifact action to v7

Schedule: ["* * * * 1"]
Branch name: renovate/major-github-artifact-actions
Merge into: main
Upgrade actions/upload-artifact to bbbca2ddaa5d8feaa63e36b76fdaad77386f024f

chore(deps): update anchore/scan-action action to v7

Schedule: ["* * * * 1"]
Branch name: renovate/anchore-scan-action-7.x
Merge into: main
Upgrade anchore/scan-action to 7037fa011853d5a11690026fb85feee79f4c946c

chore(deps): update dependency @badeball/cypress-cucumber-preprocessor to v24

Schedule: ["* * * * 1"]
Branch name: renovate/badeball-cypress-cucumber-preprocessor-24.x
Merge into: main
Upgrade @badeball/cypress-cucumber-preprocessor to ^24.0.0

chore(deps): update dependency @cypress/webpack-preprocessor to v7

Schedule: ["* * * * 1"]
Branch name: renovate/cypress-webpack-preprocessor-7.x
Merge into: main
Upgrade @cypress/webpack-preprocessor to ^7.0.0

chore(deps): update dependency babel-loader to v10

Schedule: ["* * * * 1"]
Branch name: renovate/babel-loader-10.x
Merge into: main
Upgrade babel-loader to ^10.0.0

chore(deps): update dependency babel-plugin-module-resolver to v5

Schedule: ["* * * * 1"]
Branch name: renovate/babel-plugin-module-resolver-5.x
Merge into: main
Upgrade babel-plugin-module-resolver to ^5.0.0

chore(deps): update dependency concurrently to v9

Schedule: ["* * * * 1"]
Branch name: renovate/concurrently-9.x
Merge into: main
Upgrade concurrently to ^9.0.0

chore(deps): update dependency copy-webpack-plugin to v14

Schedule: ["* * * * 1"]
Branch name: renovate/copy-webpack-plugin-14.x
Merge into: main
Upgrade copy-webpack-plugin to ^14.0.0

chore(deps): update dependency css-loader to v7

Schedule: ["* * * * 1"]
Branch name: renovate/css-loader-7.x
Merge into: main
Upgrade css-loader to ^7.0.0

chore(deps): update dependency cypress to v15

Schedule: ["* * * * 1"]
Branch name: renovate/cypress-15.x
Merge into: main
Upgrade cypress to ^15.0.0

chore(deps): update dependency hapi-auth-jwt2 to v11

Schedule: ["* * * * 1"]
Branch name: renovate/hapi-auth-jwt2-11.x
Merge into: main
Upgrade hapi-auth-jwt2 to 11.0.0

chore(deps): update dependency html-webpack-plugin to v5

Schedule: ["* * * * 1"]
Branch name: renovate/html-webpack-plugin-5.x
Merge into: main
Upgrade html-webpack-plugin to ^5.0.0

chore(deps): update dependency mini-css-extract-plugin to v2

Schedule: ["* * * * 1"]
Branch name: renovate/mini-css-extract-plugin-2.x
Merge into: main
Upgrade mini-css-extract-plugin to ^2.0.0

chore(deps): update dependency node to v24

Schedule: ["* * * * 1"]
Branch name: renovate/node-24.x
Merge into: main
Upgrade node to 24.x
Upgrade node to 24-alpine
Upgrade @types/node to ^24.0.0

chore(deps): update dependency nodemon to v3

Schedule: ["* * * * 1"]
Branch name: renovate/nodemon-3.x
Merge into: main
Upgrade nodemon to ^3.0.0

chore(deps): update dependency postcss-loader to v8

Schedule: ["* * * * 1"]
Branch name: renovate/postcss-loader-8.x
Merge into: main
Upgrade postcss-loader to ^8.0.0

chore(deps): update dependency prisma to v7

Schedule: ["* * * * 1"]
Branch name: renovate/major-prisma-monorepo
Merge into: main
Upgrade prisma to ^7.0.0

chore(deps): update dependency sass-loader to v16

Schedule: ["* * * * 1"]
Branch name: renovate/sass-loader-16.x
Merge into: main
Upgrade sass-loader to ^16.0.0

chore(deps): update dependency sinon to v21

Schedule: ["* * * * 1"]
Branch name: renovate/sinon-21.x
Merge into: main
Upgrade sinon to ^21.0.0

chore(deps): update dependency ts-node-dev to v2

Schedule: ["* * * * 1"]
Branch name: renovate/ts-node-dev-2.x
Merge into: main
Upgrade ts-node-dev to ^2.0.0

chore(deps): update dependency typescript to v5

Schedule: ["* * * * 1"]
Branch name: renovate/typescript-5.x
Merge into: main
Upgrade typescript to 5.9.3

chore(deps): update dependency webpack to v5

Schedule: ["* * * * 1"]
Branch name: renovate/webpack-5.x
Merge into: main
Upgrade webpack to ^5.0.0

chore(deps): update dependency webpack-bundle-analyzer to v5

Schedule: ["* * * * 1"]
Branch name: renovate/webpack-bundle-analyzer-5.x
Merge into: main
Upgrade webpack-bundle-analyzer to ^5.0.0

chore(deps): update dependency webpack-cli to v7

Schedule: ["* * * * 1"]
Branch name: renovate/webpack-cli-7.x
Merge into: main
Upgrade webpack-cli to ^7.0.0

chore(deps): update dependency webpack-node-externals to v3

Schedule: ["* * * * 1"]
Branch name: renovate/webpack-node-externals-3.x
Merge into: main
Upgrade webpack-node-externals to ^3.0.0

chore(deps): update docker/build-push-action action to v7

Schedule: ["* * * * 1"]
Branch name: renovate/docker-build-push-action-7.x
Merge into: main
Upgrade docker/build-push-action to d08e5c354a6adb9ed34480a06d141179aa583294

chore(deps): update docker/login-action action to v4

Schedule: ["* * * * 1"]
Branch name: renovate/docker-login-action-4.x
Merge into: main
Upgrade docker/login-action to b45d80f862d83dbcd57f89517bcf500b2ab88fb2

chore(deps): update docker/metadata-action action to v6

Schedule: ["* * * * 1"]
Branch name: renovate/docker-metadata-action-6.x
Merge into: main
Upgrade docker/metadata-action to 030e881283bb7a6894de51c315a6bfe6a94e05cf

chore(deps): update docker/setup-buildx-action action to v4

Schedule: ["* * * * 1"]
Branch name: renovate/docker-setup-buildx-action-4.x
Merge into: main
Upgrade docker/setup-buildx-action to 4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd

chore(deps): update github/codeql-action action to v4

Schedule: ["* * * * 1"]
Branch name: renovate/github-codeql-action-4.x
Merge into: main
Upgrade github/codeql-action to b1bff81932f5cdfc8695c7752dcee935dcd061c8

chore(deps): update peter-evans/create-pull-request action to v8

Schedule: ["* * * * 1"]
Branch name: renovate/peter-evans-create-pull-request-8.x
Merge into: main
Upgrade peter-evans/create-pull-request to c0f553fe549906ede9cf27b5156039d195d2ece0

chore(deps): update yarn to v4

Schedule: ["* * * * 1"]
Branch name: renovate/major-yarn-monorepo
Merge into: main
Upgrade yarn to 4.12.0

fix(deps): update dependency @sentry/node to v10

Schedule: ["* * * * 1"]
Branch name: renovate/major-sentry-javascript-monorepo
Merge into: main
Upgrade @sentry/node to ^10.0.0

fix(deps): update dependency express to v5

Schedule: ["* * * * 1"]
Branch name: renovate/express-5.x
Merge into: main
Upgrade express to ^5.0.0
Upgrade @types/express to ^5.0.0

fix(deps): update dependency govuk-frontend to v6

Schedule: ["* * * * 1"]
Branch name: renovate/major-gov.uk-frontend
Merge into: main
Upgrade govuk-frontend to ^6.0.0

fix(deps): update dependency joi to v18

Schedule: ["* * * * 1"]
Branch name: renovate/major-hapijs-monorepo
Merge into: main
Upgrade joi to 18.0.2

fix(deps): update dependency tinymce to v8

Schedule: ["* * * * 1"]
Branch name: renovate/tinymce-8.x
Merge into: main
Upgrade tinymce to 8.3.2

chore(deps): lock file maintenance

Schedule: ["* 0-3 * * 1"]
Branch name: renovate/lock-file-maintenance
Merge into: main
Regenerate lock files to use latest dependency versions

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

This PR was generated by Mend Renovate. View the repository job log.

sonarqubecloud · 2025-09-26T09:55:43Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Add renovate.json

e8d89ec

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Configure Renovate#227

Configure Renovate#227
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/configure

renovate Bot commented Sep 26, 2025 •

edited

Loading

Uh oh!

sonarqubecloud Bot commented Sep 26, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate Bot commented Sep 26, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Detected Package Files

Configuration Summary

What to Expect

Uh oh!

sonarqubecloud Bot commented Sep 26, 2025

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate Bot commented Sep 26, 2025 •

edited

Loading