From 57d46e07b8fb5b27e271094697f3ab60ff9404ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Josef=20Proch=C3=A1zka?= <jos.prochazka@post.cz>
Date: Mon, 30 Mar 2026 10:52:11 +0200
Subject: [PATCH 1/2] chore: Use only packages older than 24 hours

- Update Renovate and project settings to use only package versions older than 24 hours
- Motivation is to add minimal defence to supply chain attacks.
---
 pyproject.toml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pyproject.toml b/pyproject.toml
index c1c30017..319c96ae 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -221,6 +221,10 @@ exclude_lines = ["pragma: no cover", "if TYPE_CHECKING:", "assert_never()"]
 [tool.ipdb]
 context = 7
 
+[tool.uv]
+# Minimal defense against supply-chain attacks.
+exclude-newer = "24 hours"
+
 # Run tasks with: uv run poe <task>
 [tool.poe.tasks]
 clean = "rm -rf .coverage .pytest_cache .ruff_cache .ty_cache build dist htmlcov"

From 5ad0d53fc05e5fbd7af5cc4262dfe15c7ed53e5c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Josef=20Proch=C3=A1zka?= <jos.prochazka@post.cz>
Date: Mon, 30 Mar 2026 10:52:12 +0200
Subject: [PATCH 2/2] chore: Use only packages older than 24 hours

- Update Renovate and project settings to use only package versions older than 24 hours
- Motivation is to add minimal defence to supply chain attacks.
---
 renovate.json | 1 +
 1 file changed, 1 insertion(+)

diff --git a/renovate.json b/renovate.json
index 90167e92..4082a9ff 100644
--- a/renovate.json
+++ b/renovate.json
@@ -21,6 +21,7 @@
             "automergeType": "branch"
         }
     ],
+    "minimumReleaseAge": "1 day",
     "schedule": ["before 7am every weekday"],
     "ignoreDeps": ["apify", "docusaurus-plugin-typedoc-api"]
 }