From a3cec35ed64abbebf75ff5412f14b8b1f5cb4f8a Mon Sep 17 00:00:00 2001
From: Bryan Beverly <bryan.beverly@trufflesec.com>
Date: Fri, 29 May 2026 10:01:53 -0700
Subject: [PATCH] Add low-risk tier shared Renovate preset

Centralizes automerge rules for low-risk repos into a shared preset so
per-repo configs are one-liners. Rules for Go, JS, Docker, Python
minor/patch and all GitHub Actions updates. Non-matching rules are
harmless -- repos only get automerge for ecosystems they actually use.

Part of the Dependency Strategy Unification (PLAT-227).

Co-authored-by: Cursor <cursoragent@cursor.com>
---
 renovate-config-low-risk.json | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)
 create mode 100644 renovate-config-low-risk.json

diff --git a/renovate-config-low-risk.json b/renovate-config-low-risk.json
new file mode 100644
index 0000000..6888674
--- /dev/null
+++ b/renovate-config-low-risk.json
@@ -0,0 +1,35 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["github>trufflesecurity/.github:renovate-config"],
+  "packageRules": [
+    {
+      "description": "Automerge minor/patch for Go dependencies",
+      "matchUpdateTypes": ["minor", "patch", "pin", "digest"],
+      "matchCategories": ["golang"],
+      "automerge": true
+    },
+    {
+      "description": "Automerge all GitHub Actions updates",
+      "matchManagers": ["github-actions"],
+      "automerge": true
+    },
+    {
+      "description": "Automerge minor/patch for JS dependencies (npm/yarn/pnpm)",
+      "matchUpdateTypes": ["minor", "patch", "pin", "digest"],
+      "matchCategories": ["js"],
+      "automerge": true
+    },
+    {
+      "description": "Automerge minor/patch for Docker dependencies",
+      "matchUpdateTypes": ["minor", "patch", "pin", "digest"],
+      "matchCategories": ["docker"],
+      "automerge": true
+    },
+    {
+      "description": "Automerge minor/patch for Python dependencies",
+      "matchUpdateTypes": ["minor", "patch", "pin", "digest"],
+      "matchCategories": ["python"],
+      "automerge": true
+    }
+  ]
+}