Configure Renovate

[svc-secops]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 Renovate will begin keeping your dependencies up-to-date only once you merge or close this Pull Request.

---

Detected Package Files

• .circleci/config.yml (circleci)
• package.json (npm)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Apply Apollo's centralized, default Renovate configuration
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Show all Merge Confidence badges for pull requests.
• Pin dependency versions for devDependencies and retain SemVer ranges for others.

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to .github/renovate.json5 in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 10 Pull Requests:

fix(deps): update dependency gatsby to v4 [security]

• Branch name: renovate/npm-gatsby-vulnerability
• Merge into: master
• Upgrade gatsby to ^4.0.0

fix(deps): update dependency gatsby-transformer-remark to v5 [security]

• Branch name: renovate/npm-gatsby-transformer-remark-vulnerability
• Merge into: master
• Upgrade gatsby-transformer-remark to ^5.0.0

chore(deps): pin dependencies

• Schedule: ["at any time"]
• Branch name: renovate/pin-dependencies
• Merge into: master
• Pin @trevorblades/eslint-config to 7.1.0
• Pin eslint to 5.16.0

chore(deps): update dependency @​trevorblades/eslint-config to ^7.1.0

• Schedule: ["at any time"]
• Branch name: renovate/trevorblades-eslint-config-7.x
• Merge into: master
• Upgrade @trevorblades/eslint-config to ^7.1.0

chore(deps): update dependency @​trevorblades/eslint-config to v8

• Schedule: ["at any time"]
• Branch name: renovate/trevorblades-eslint-config-8.x
• Merge into: master
• Upgrade @trevorblades/eslint-config to ^8.0.0

chore(deps): update dependency eslint to v9

• Schedule: ["at any time"]
• Branch name: renovate/major-eslint-monorepo
• Merge into: master
• Upgrade eslint to ^9.0.0

fix(deps): update dependency gatsby-theme-apollo-core to v4

• Schedule: ["at any time"]
• Branch name: renovate/major-apollo-graphql-packages
• Merge into: master
• Upgrade gatsby-theme-apollo-core to ^4.0.0

fix(deps): update gatsby monorepo (major)

• Schedule: ["at any time"]
• Branch name: renovate/major-gatsby-monorepo
• Merge into: master
• Upgrade gatsby-plugin-google-gtag to ^5.0.0
• Upgrade gatsby-remark-autolink-headers to ^6.0.0
• Upgrade gatsby-remark-copy-linked-files to ^6.0.0
• Upgrade gatsby-source-filesystem to ^5.0.0

fix(deps): update react monorepo to v19 (major)

• Schedule: ["at any time"]
• Branch name: renovate/major-react-monorepo
• Merge into: master
• Upgrade react to ^19.0.0
• Upgrade react-dom to ^19.0.0

chore(deps): lock file maintenance

• Schedule: ["before 4am on monday"]
• Branch name: renovate/lock-file-maintenance
• Merge into: master
• Regenerate lock files to use latest dependency versions

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR has been generated by Renovate Bot.

[apollo-cla]

@svc-secops: Thank you for submitting a pull request! Before we can merge it, you'll need to sign the Apollo Contributor License Agreement here: https://contribute.apollographql.com/