Clean up Renovate config and fix smoke test rate limits (#120)

[vadimpiven]

Remove redundant Renovate presets already included in config:recommended and no-op automerge rule. Fix smoke test GitHub API rate limit failures by providing GITHUB_TOKEN to the slsa postinstall step.

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request aims to optimize the project's dependency management and improve CI/CD reliability. It streamlines the Renovate configuration by removing redundant presets and an ineffective automerge rule, leading to a cleaner and more efficient setup. Additionally, it resolves GitHub API rate limit issues encountered during smoke tests, ensuring more stable and consistent test execution.

Highlights

• Renovate Configuration Streamlined: Redundant extends configurations, specifically :separateMajorReleases and :combinePatchMinorReleases, were removed from .github/renovate.json as they are already included in config:recommended.
• Unnecessary Automerge Rule Removed: A no-op automerge: false rule for minor, patch, pin, and digest updates was removed from the Renovate configuration in .github/renovate.json.
• Smoke Test Rate Limit Fix: The pull request addresses GitHub API rate limit failures encountered during smoke tests by providing a GITHUB_TOKEN to the slsa postinstall step.

Changelog

• .github/renovate.json
  • Removed ":separateMajorReleases" and ":combinePatchMinorReleases" from the extends array.
  • Deleted the packageRules entry that set automerge: false for minor, patch, pin, and digest update types.

Ignored Files

• Ignored by pattern: .github/workflows/** (1)
  • .github/workflows/release.yaml

Activity

• No human activity has occurred on this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request cleans up the Renovate configuration by removing redundant presets and a no-op package rule. The changes correctly simplify the configuration file. I have reviewed the changes and found no issues.

_{Note: Security Review has been skipped due to the limited scope of the PR.}

[greptile-apps]

Greptile Summary

Summary

This PR makes two targeted cleanups:

1. renovate.json: Simplifies the Renovate config by removing presets already bundled into config:recommended (:separateMajorReleases and :combinePatchMinorReleases) and a no-op automerge: false rule (automerge defaults to false). Also consolidates redundant package grouping rules into two clear rules for non-major and major updates. No functional behavior change.

2. release.yaml: Fixes smoke-test CI failures caused by GitHub API rate limits by granting contents: read permission to the smoke-test job and passing GITHUB_TOKEN to the "Smoke test" step. This allows the SLSA provenance postinstall to make authenticated API calls (5000 req/hr limit instead of 60 req/hr). The minimal permission scope limits any exposure risk significantly.

Both changes are straightforward, intentional, and well-scoped to their stated goals.

Confidence Score: 5/5

• Safe to merge — changes are minimal, correct, and address known issues with appropriate scoping.
• Both files have been updated correctly and safely. The renovate.json changes simplify config without behavioral impact. The release.yaml changes fix a real rate-limit issue with minimal permission scope (contents: read). No files require special attention.
• No files require special attention

_{Last reviewed commit: e1cf3a7}