chore: Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

📚 See our Reading List for relevant documentation you may be interested in reading.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

Detected Package Files

• Dockerfile.gorel (dockerfile)
• .github/workflows/ci.yml (github-actions)
• .github/workflows/release.yml (github-actions)
• go.mod (gomod)
• renovate.json (renovate-config-presets)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title
• If Renovate detects semantic commits, it will use semantic commit type fix for all commits.
• Run Renovate on following schedule: * 17 1-7 * 1

---

What to Expect

With your current configuration, Renovate will create 3 Pull Requests:

fix(deps): pin dependencies

• Schedule: ["* 17 1-7 * 1"]
• Branch name: renovate/docker
• Merge into: main
• Upgrade alpine to sha256:5b10f432ef3da1b8d4c7eb6c487f2f5a8f096bc91145e68878dd4a5019afde11
• Upgrade debian to sha256:1d6cd964917a13b547d1ea392dff9a000c3f36070686ebc5c8755d53fb374435
• Upgrade docker/dockerfile to sha256:2780b5c3bab67f1f76c781860de469442999ed1a0d7992a5efdf2cffc0e3d769

fix(deps): update actions/setup-go action to v6.4.0

• Schedule: ["* 17 1-7 * 1"]
• Branch name: renovate/github-actions
• Merge into: main
• Upgrade actions/setup-go to 4a3601121dd01d1626a1e23e37211e3254c1c06c

fix(deps): update debian docker tag to v13

• Schedule: ["* 17 1-7 * 1"]
• Branch name: renovate/major-13-docker
• Merge into: main
• Upgrade debian to sha256:3352c2e13876c8a5c5873ef20870e1939e73cb9a3c1aeba5e3e72172a85ce9ed

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

---

Warning

Please correct - or verify that you can safely ignore - these dependency lookup failures before you merge this PR.

• Failed to look up github-tags package aquasecurity/trivy-action: no-result

Files affected: .github/workflows/release.yml

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.