From 3fe15ee91516003585df2765073586beacf22c7c Mon Sep 17 00:00:00 2001
From: Marshall Bowers <git@maxdeviant.com>
Date: Fri, 18 Apr 2025 14:44:30 -0400
Subject: [PATCH] renovate: Require dependency dashboard approval for updates
 (#29065)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR changes Renovate's behavior to require dependency dashboard
approval for updates.

> Maybe you find Renovate too noisy, and want to opt-out of getting
automatic updates whenever they're ready.
>
> In this case, you can tell Renovate to wait for your approval before
making any pull requests. This means that you have full control over
when you get updates.
>
> But vulnerability remediation PRs will still get created immediately
without requiring approval.
>
> To require manual approval for *all* updates, add the
`:dependencyDashboardApproval` presets to the `extends` array in your
Renovate configuration file:
>
> —
https://docs.renovatebot.com/key-concepts/dashboard/#require-approval-for-all-updates

Release Notes:

- N/A
---
 renovate.json | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/renovate.json b/renovate.json
index cdf44f683b..6e5630ad84 100644
--- a/renovate.json
+++ b/renovate.json
@@ -4,15 +4,13 @@
     "config:recommended",
     ":semanticCommitsDisabled",
     ":separateMultipleMajorReleases",
+    ":dependencyDashboardApproval",
     "helpers:pinGitHubActionDigests",
     "group:serdeMonorepo"
   ],
   "dependencyDashboard": true,
   "timezone": "America/New_York",
   "schedule": ["after 3pm on Wednesday"],
-  "major": {
-    "dependencyDashboardApproval": true
-  },
   "prFooter": "Release Notes:\n\n- N/A",
   "ignorePaths": ["**/node_modules/**", "tooling/workspace-hack/**"],
   "packageRules": [