From a456c8b5ab03f0b9a5d30fb0f52a19f12b35d959 Mon Sep 17 00:00:00 2001
From: Rhys Arkins <rhys@arkins.net>
Date: Mon, 22 Feb 2021 11:18:46 +0100
Subject: [PATCH] fix: rangeStrategy=bump for npm vulnerabilities
---
lib/config/definitions.ts | 2 +-
.../init/__snapshots__/vulnerability.spec.ts.snap | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/config/definitions.ts b/lib/config/definitions.ts
index 45050769c6..63fc47ded2 100644
--- a/lib/config/definitions.ts
+++ b/lib/config/definitions.ts
@@ -1264,7 +1264,7 @@ const options: RenovateOptions[] = [
groupName: null,
schedule: [],
dependencyDashboardApproval: false,
- rangeStrategy: 'update-lockfile',
+ rangeStrategy: 'bump',
commitMessageSuffix: '[SECURITY]',
branchTopic: `{{{datasource}}}-{{{depName}}}-vulnerability`,
prCreation: 'immediate',
diff --git a/lib/workers/repository/init/__snapshots__/vulnerability.spec.ts.snap b/lib/workers/repository/init/__snapshots__/vulnerability.spec.ts.snap
index 446c9640bc..692d19e3b2 100644
--- a/lib/workers/repository/init/__snapshots__/vulnerability.spec.ts.snap
+++ b/lib/workers/repository/init/__snapshots__/vulnerability.spec.ts.snap
@@ -10,7 +10,7 @@ Array [
"dependencyDashboardApproval": false,
"groupName": null,
"prCreation": "immediate",
- "rangeStrategy": "update-lockfile",
+ "rangeStrategy": "bump",
"schedule": Array [],
},
"matchCurrentVersion": "= 1.8.2",
@@ -39,7 +39,7 @@ Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3
"dependencyDashboardApproval": false,
"groupName": null,
"prCreation": "immediate",
- "rangeStrategy": "update-lockfile",
+ "rangeStrategy": "bump",
"schedule": Array [],
},
"matchCurrentVersion": "= 1.6.7",
@@ -83,7 +83,7 @@ Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validati
"dependencyDashboardApproval": false,
"groupName": null,
"prCreation": "immediate",
- "rangeStrategy": "update-lockfile",
+ "rangeStrategy": "bump",
"schedule": Array [],
},
"matchCurrentVersion": "= 2.4.2",
--
GitLab