<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>Alpine on alex.thom.ae - Personal Blog</title>
    <link>https://alex.thom.ae/tags/alpine/</link>
    <description>Recent content in Alpine on alex.thom.ae - Personal Blog</description>
    <language>en-us</language>
    <lastBuildDate>Fri, 10 Jul 2026 09:00:00 +0300</lastBuildDate>
    
	<atom:link href="https://alex.thom.ae/tags/alpine/index.xml" rel="self" type="application/rss+xml" />
    
    
    <item>
      <title>Renovate at scale: a self-hosted dependency bot for fifty repositories</title>
      <link>https://alex.thom.ae/2026/07/10/renovate-at-scale/</link>
      <pubDate>Fri, 10 Jul 2026 09:00:00 +0300</pubDate>
      
      <dc:creator>Alex Thomae</dc:creator>
      <guid>https://alex.thom.ae/2026/07/10/renovate-at-scale/</guid>
      <description>Most teams either ignore dependency drift or hand a SaaS bot org-wide write access and automerge everything. There is a middle path: run the bot yourself, make automerge a graded-trust decision, and treat the update pipeline as attack surface. Here is the whole setup, from one public repository.</description>
    </item>
    
  </channel>
</rss>
