chore: Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• .github/workflows/integration-test.yml (github-actions)
• .github/workflows/lint.yml (github-actions)
• .github/workflows/scan.yaml (github-actions)
• package.json (npm)
• renovate.json (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• Pin Docker digests.
• Pin github-action digests.
• Enable Renovate configuration migration PRs when needed.
• Pin dependency versions for development dependencies.
• Recommended configuration for abandoned packages, treating packages without a release for 1 year as abandoned, while taking into account community-sourced overrides.
• Wait until the npm package is three days old before raising the update. This a) introduces a short delay to allow for malware researchers and scanners to (possibly) detect any malicious behaviour in packages, and b) prevents the maintainer and/or NPM from unpublishing a package you already upgraded to, breaking builds.
• Run lock file maintenance (updates) early Monday mornings.
• Show OpenSSF badge on pull requests.
• Use semantic prefixes for commit messages and PR titles.
• Org-wide Renovate preset for midnightntwrk. Supply-chain hardened.
• Run Renovate on following schedule: before 7am on Monday

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 8 Pull Requests:

chore(deps): pin dependencies

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/pin-dependencies
• Merge into: main
• Pin @eslint/js to 9.32.0
• Pin @types/dockerode to 3.3.42
• Pin @types/inquirer to 9.0.8
• Pin @types/node to 24.1.0
• Pin @types/node-fetch to 2.6.12
• Pin eslint to 9.32.0
• Pin jest to 30.0.5
• Pin prettier to 3.6.2
• Pin ts-jest to 29.4.0
• Pin ts-node to 10.9.2
• Pin typescript to 5.8.3
• Pin typescript-eslint to 8.38.0

chore(deps): update midnightntwrk/upload-sarif-github-action digest to 0fb83f2

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/midnight-github-actions
• Merge into: main
• Upgrade midnightntwrk/upload-sarif-github-action to 0fb83f20a00c45709de4a57d628cedbc38be46c5

chore(deps): update non-major dependencies

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/non-major-deps
• Merge into: main
• Upgrade @types/dockerode to ^3.3.42
• Upgrade @types/node to ^24.1.0
• Upgrade chalk to 5.6.2
• Upgrade dockerode to 4.0.10
• Upgrade prettier to ^3.8.1

chore(deps): update actions/setup-node action to v6

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/actions-setup-node-6.x
• Merge into: main
• Upgrade actions/setup-node to 53b83947a5a98c8d113130e565377fae1a50d02f

chore(deps): update dependency @​types/dockerode to v4

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/dockerode-4.x
• Merge into: main
• Upgrade @types/dockerode to ^4.0.0

chore(deps): update dependency node to v24

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/node-24.x
• Merge into: main
• Upgrade node to 24.x

chore(deps): update dependency typescript to v6

• Schedule: ["before 7am on Monday"]
• Branch name: renovate/typescript-6.x
• Merge into: main
• Upgrade typescript to ^6.0.0

chore(deps): lock file maintenance

• Schedule: ["before 7am on the first day of the month"]
• Branch name: renovate/lock-file-maintenance
• Merge into: main
• Regenerate lock files to use latest dependency versions

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.