chore(pre-commit): add renovate-config-validator hook (PC-015)#32
chore(pre-commit): add renovate-config-validator hook (PC-015)#32williaby wants to merge 1 commit into
Conversation
|
Warning Review limit reached
More reviews will be available in 8 minutes and 26 seconds. Learn how PR review limits work. Your organization has run out of usage credits. Purchase more in the billing tab. ⌛ How to resolve this issue?After more reviews become available, a review can be triggered using the We recommend that you space out your commits to avoid hitting the rate limit. 🚦 How do rate limits work?CodeRabbit enforces hourly rate limits for each developer per organization. Our paid plans include higher PR review limits than trial, open-source, and free plans. In all cases, reviews become available again over time. During sustained high-volume PR review activity, CodeRabbit may temporarily slow when the next review becomes available. Please see our Fair Usage Limits Policy for further information. 📝 WalkthroughWalkthroughThis PR adds the Renovate config validator to the pre-commit hook pipeline. A new hook from ChangesRenovate Hook Setup
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
🚥 Pre-merge checks | ✅ 5✅ Passed checks (5 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Dependency Review✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.Scanned FilesNone |
There was a problem hiding this comment.
Pull request overview
Adds a Renovate config validation pre-commit hook so Renovate configuration issues can be caught locally, with the validator runtime pinned to match the homelab Renovate server version.
Changes:
- Add
renovate-config-validatorhook fromrenovatebot/pre-commit-hooks. - Pin the hook’s runtime Renovate package via
additional_dependenciestorenovate@42.92.14.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| rev: 2a27c9fda39c7c05bc7488a10920c7700979c263 # v43.150.0 | ||
| hooks: | ||
| - id: renovate-config-validator | ||
| additional_dependencies: ["renovate@42.92.14"] |
There was a problem hiding this comment.
Fixed in 3a4515e: added stages: [pre-commit] to the renovate-config-validator hook so it matches every other hook in the file.
| rev: 2a27c9fda39c7c05bc7488a10920c7700979c263 # v43.150.0 | ||
| hooks: | ||
| - id: renovate-config-validator | ||
| additional_dependencies: ["renovate@42.92.14"] |
There was a problem hiding this comment.
Addressed in 3a4515e: the version split is intentional (the v43+ validator silently accepts invalid manager IDs like uv that the v42 homelab server rejects, so the v42 runtime pin is what makes the hook catch the trap). Rather than aligning the versions, I added an inline NOTE comment above the hook explaining that rev pins the wrapper repo while additional_dependencies pins the runtime, why they must differ, and the lockstep-upgrade obligation (PC-015). Also annotated the rev comment as "wrapper only; runtime pinned below".
PR ReviewCI is fully green and the SonarCloud quality gate passed. One hard blocker and a couple of maintainability items. 🔴 Critical — merge blocked
🟠 Important
🟡 Suggested
Positive: 🤖 Generated with Claude Code |
Pins renovate-config-validator to renovate@42.92.14, the homelab self-hosted Renovate server version. Default npx renovate-config-validator resolves to v43+ which accepts invalid manager identifiers like "uv"; a v42-pinned validator is required to catch the trap documented in feedback_renovate_uv_manager_trap.md. When the homelab Renovate image bumps to a new major, this pin must be updated in lockstep across all repos. Tracking: PC-015 in docs/standards-manifest.yaml.
2077d26 to
3a4515e
Compare
PR Fix SummaryResolved all findings from the review. Branch rebased onto Merge conflict (Critical): Rebased onto Review comments (both Copilot threads addressed):
Verification (local):
CI re-run triggered by the push. 🤖 Generated with Claude Code |
|



Summary
Adds the
renovate-config-validatorpre-commit hook to fulfill PC-015 of the standards manifest. The hook is pinned viaadditional_dependencies: ["renovate@42.92.14"]to match the homelab self-hosted Renovate server version.Why the version pin matters
Default
npx renovate-config-validatorresolves to v43+, which silently accepts invalid manager identifiers (e.g."uv"). The homelab Renovate server runs v42.92.14 and rejects them. Pinning the validator to the same version is what makes the hook actually catch the trap documented infeedback_renovate_uv_manager_trap.md.Lockstep upgrade
When the homelab Renovate image is bumped to a new major version, this pin must be updated in lockstep across every repo. PC-015 in
docs/standards-manifest.yamlis the source of truth.Validation
renovate.jsonwas validated againstrenovate@42.92.14before this PR was opened; config is clean..pre-commit-config.yamlis modified.Generated with Claude Code
Summary by CodeRabbit