From dcf196d103bdedf1dc784cd98830aeef22b2043d Mon Sep 17 00:00:00 2001
From: Todd Baert <todd.baert@dynatrace.com>
Date: Wed, 13 Sep 2023 13:41:12 -0400
Subject: [PATCH 1/2] chore: auto-merge renovate, add CODEOWNERS (#68)

Signed-off-by: Todd Baert <todd.baert@dynatrace.com>
---
 .github/workflows/main.yml |  3 +--
 CODEOWNERS                 |  6 ++++++
 renovate.json              | 14 +++++++++++++-
 3 files changed, 20 insertions(+), 3 deletions(-)
 create mode 100644 CODEOWNERS

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 44a7f89..0327e29 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -34,10 +34,9 @@ jobs:
         run: bundle exec rspec
       - name: Upload coverage to Codecov
         if: ${{ strategy.job-index == 0 }} # only run codecov on first run
-        uses: codecov/codecov-action@c9e4b7326764720e2d95c3a9615d9e6ba7fc949f
+        uses: codecov/codecov-action@845c445181131d954f0198d3d0f26242acc0376e
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
-          name: Ruby SDK
           fail_ci_if_error: true
           verbose: true
           file: coverage/coverage.xml
diff --git a/CODEOWNERS b/CODEOWNERS
new file mode 100644
index 0000000..4da6f3f
--- /dev/null
+++ b/CODEOWNERS
@@ -0,0 +1,6 @@
+# These owners will be the default owners for everything in
+# the repo. Unless a later match takes precedence
+#
+# Managed by Peribolos: https://github.com/open-feature/community/blob/main/config/open-feature/sdk-ruby/workgroup.yaml
+#
+* @open-feature/sdk-ruby-maintainers
diff --git a/renovate.json b/renovate.json
index 39a2b6e..f59c55b 100644
--- a/renovate.json
+++ b/renovate.json
@@ -1,6 +1,18 @@
 {
   "$schema": "https://docs.renovatebot.com/renovate-schema.json",
   "extends": [
-    "config:base"
+    "config:base",
+    "helpers:pinGitHubActionDigests"
+  ],
+  "packageRules": [
+    {
+      "matchUpdateTypes": ["minor", "patch"],
+      "matchCurrentVersion": "!/^0/",
+      "automerge": true
+    },
+    {
+      "matchManagers": ["github-actions"],
+      "automerge": true
+    }
   ]
 }

From aadd9183a8f3a9b3e74cf9b1301a1ad2c58c3ead Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 13 Sep 2023 13:45:28 -0400
Subject: [PATCH 2/2] chore(deps): pin dependencies (#69)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/main.yml           | 4 ++--
 .github/workflows/pr-title-lint.yml  | 2 +-
 .github/workflows/release-please.yml | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 0327e29..d148ed9 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -25,7 +25,7 @@ jobs:
       BUNDLE_GEMFILE: Gemfile
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
       - uses: ruby/setup-ruby@v1
         with:
           ruby-version: ${{ matrix.ruby }}
@@ -44,7 +44,7 @@ jobs:
     name: Rubocop
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
       - uses: ruby/setup-ruby@v1
         with:
           ruby-version: 3.2
diff --git a/.github/workflows/pr-title-lint.yml b/.github/workflows/pr-title-lint.yml
index d2c4216..c76be02 100644
--- a/.github/workflows/pr-title-lint.yml
+++ b/.github/workflows/pr-title-lint.yml
@@ -12,6 +12,6 @@ jobs:
     name: Validate PR title
     runs-on: ubuntu-latest
     steps:
-      - uses: amannn/action-semantic-pull-request@v5
+      - uses: amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54 # v5
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
index bca7333..1d882d4 100644
--- a/.github/workflows/release-please.yml
+++ b/.github/workflows/release-please.yml
@@ -10,7 +10,7 @@ jobs:
 
     # Release-please creates a PR that tracks all changes
     steps:
-      - uses: google-github-actions/release-please-action@v3
+      - uses: google-github-actions/release-please-action@ca6063f4ed81b55db15b8c42d1b6f7925866342d # v3
         id: release
         with:
           release-type: ruby
@@ -28,7 +28,7 @@ jobs:
     steps:
       # The logic below handles the npm publication:
       - name: Checkout Repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
         with:
           ref: ${{ needs.release-please.outputs.release_tag_name }}