-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Configure Renovate #15618
Configure Renovate #15618
Conversation
Let's make sure we configure renovate to only act on the npm packages (and leave the rest up to dependabot). |
374fe5b
to
af1a895
Compare
af1a895
to
e76c5ab
Compare
":automergeLinters", | ||
":automergeTypes", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Automerge sounds like something we should never ever allow or do.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- This is very conservative and only permits it for ESLint, Prettier, and
@types/*
packages. If the CI passes, there's no reason not to merge. That's what any human would do. - It won't actually allow it anyway because the PR still requires approval per the branch protection rule. Without changes on GitHub, all it will do is effectively check the box on the PR.
Renovate has a decent discussion of the automerge feature on their website.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was a serious review comment which you just declined, dismissed any further discussion, added yourself, self approved and now merged.
Please revert this asap.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's what any human would do.
I hope for sure, that is not what any reviewer (or you) does. At least the upstream changes should be reviewed. Something renovate will not do for you, as it is not an human.
../Frenck
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I hope for sure, that is not what any reviewer (or you) does. At least the upstream changes should be reviewed. Something renovate will not do for you, as it is not an human.
I did not intend to imply that the release notes should not be reviewed. I certainly do that every time. I simply meant that in those particular cases, the CI lint is all that is needed in terms of testing.
Again, I included those rules in a way that was simply meant as an extra click time saver on a small subset of very low risk packages. No actual automatic merging was configured.
In any case, I removed all mentions of automerge in #15743.
Okay I think this is a good config to start with. Other than the deduplicating and "automerge" (which won't actually automerge) per my comment above, it will virtually be the same as dependabot except:
|
Merging to make sure this behaves like I expect. We can certainly follow up with changes. |
You should not have merged this. While you did not open the initial PR, the initial PR does not exist and all changes are made by you. |
Agree this must be reverted asap. The auto merge rules imho are a big no-go. My review comment above has just been dismissed an you just merged your own in, without any further discussion or consensus. |
"group:monorepos", | ||
"group:recommended", | ||
"npm:unpublishSafe", | ||
"workarounds:all" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this needs to be more specific, to prevent future (possibly unwanted) workarounds to just being blatantly accepted.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Very well. I left it there as it's part of their base config. None of the workarounds are actually relevant to this repo.
I removed it in #15743.
Renovate is disabledRenovate is disabled due to lack of config. If you wish to reenable it, you can either (a) commit a config file to your base branch, or (b) rename this closed PR to trigger a replacement onboarding PR. |
In retrospect I should not have jumped the gun to merge. I had some time to devote to this last night and was simply eager to verify some of the configured functionality worked as expected (including automerge) before stating anything that wasn't actually correct. I meant no disrespect and had no malicious intent to dismiss or decline feedback. I don't operate that way. I intended to follow up as I stated. |
We know you mean well 👍 Thanks for pushing this anyways, as I think this will be a good addition 👍 ../Frenck |
Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.
🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.
Detected Package Files
package.json
(npm)Configuration
🔡 Renovate has detected a custom config for this PR. Feel free to ask for help if you have any doubts and would like it reviewed.
Important: Now that this branch is edited, Renovate can't rebase it from the base branch any more. If you make changes to the base branch that could impact this onboarding PR, please merge them manually.
What to Expect
With your current configuration, Renovate will create 21 Pull Requests:
Pin dependencies
renovate/pin-dependencies
dev
7.21.0
7.18.6
7.18.6
7.21.0
7.18.6
7.20.7
7.21.0
7.8.3
7.10.4
7.14.5
7.20.2
7.21.0
6.0.2
2.0.17
6.5.1
2.1.0
3.1.1
8.3.5
5.1.10
11.1.10
6.1.4
6.1.4
6.1.4
6.1.4
6.1.4
4.0.0
1.1.3
1.0.3
1.0.1
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
0.27.0
4.0.4
19.0.7
0.1.3
5.3.0
11.1.0
4.0.3
7.1.3
2.4.2
1.0.5
4.0.3
8.1.0
4.0.5
1.9.1
1.0.6
4.0.8
10.0.1
1.5.0
6.1.1
1.15.0
6.1.4
0.0.29
5.54.0
5.54.0
23.3.7
23.3.7
3.2.1-alpha.1
3.2.1-alpha.1
3.2.1-alpha.1
1.3.0
0.1.35
0.2.11
0.0.8
2.7.0
5.1.1
9.1.2
4.1.0
4.3.7
3.3.2
4.4.1
3.29.0
1.5.13
2.29.3
2.0.0
1.1.1
0.0.1
7.0.0
8.35.0
15.0.0
17.0.0
8.6.0
0.13.2
2.0.3
2.27.5
1.8.2
2.3.0
2.0.0
1.4.0
4.0.1
2.0.0
11.1.0
6.6.2
8.1.0
1.0.2
4.0.2
1.0.2
0.4.8
2.1.2
2.0.0
6.0.1
1.3.4
8.0.1
4.0.0
8.0.3
6.2.0
1.5.0
10.3.1
4.1.0
3.10.1
1.9.3
1.0.4
13.1.2
2.6.1
1.2.1
4.5.0
0.30.0
0.0.7
4.2.12
6.0.0
2.0.0
10.2.0
3.0.0
8.4.2
3.0.0
2.8.4
0.3.2
2.3.0
1.4.2
1.5.1
0.13.11
1.2.0
1.5.1
0.10.0
2.79.1
3.0.0
5.3.0
5.9.0
2.7.2
6.1.5
15.0.1
1.15.0
0.4.1
1.0.3
6.14.0
6.1.13
5.3.6
1.4.0
1.2.1
2.9.3
2.9.3
4.9.5
5.0.0
1.0.1
2.0.0
7.1.4
9.1.4
2.7.14
0.6.8
5.0.1
4.11.1
5.0.0
5.0.2
2.0.0
6.5.4
6.5.4
6.5.4
6.5.4
6.5.4
6.5.4
6.5.4
1.0.14
Pin dependencies
renovate/codemirror
dev
6.4.2
6.2.1
6.6.0
6.3.1
6.2.3
6.2.0
6.9.1
Pin dependencies
renovate/polymer-packages
dev
3.1.0
3.0.1
3.0.1
3.0.1
3.0.1
3.2.1
3.0.1
3.0.1
3.0.1
3.0.1
3.1.0
3.0.1
3.0.1
3.5.1
Update dependency @rollup/plugin-babel to ^5.3.0
renovate/rollup-plugin-babel-5.x
dev
^5.3.0
Update dependency @types/chromecast-caf-receiver to v5.0.15
renovate/chromecast-caf-receiver-5.x
dev
5.0.15
Update Yarn to v3.4.1
renovate/yarn-monorepo
dev
3.4.1
Update dependency @rollup/plugin-json to ^4.1.0
renovate/rollup-plugin-json-4.x
dev
^4.1.0
Update dependency @web/dev-server-rollup to ^0.3.0
renovate/web-dev-server-rollup-0.x
dev
^0.3.0
Update dependency chart.js to ^3.9.1
renovate/chart.js-3.x
dev
^3.9.1
Update dependency webpack to v5.75.0
renovate/webpack-5.x
dev
=5.75.0
Update dependency @rollup/plugin-babel to v6
renovate/rollup-plugin-babel-6.x
dev
^6.0.0
Update dependency @rollup/plugin-commonjs to v24
renovate/rollup-plugin-commonjs-24.x
dev
^24.0.0
Update dependency @rollup/plugin-json to v6
renovate/rollup-plugin-json-6.x
dev
^6.0.0
Update dependency @rollup/plugin-node-resolve to v15
renovate/rollup-plugin-node-resolve-15.x
dev
^15.0.0
Update dependency @rollup/plugin-replace to v5
renovate/rollup-plugin-replace-5.x
dev
^5.0.0
Update dependency @types/chromecast-caf-receiver to v6
renovate/chromecast-caf-receiver-6.x
dev
6.0.8
Update dependency chart.js to v4
renovate/chart.js-4.x
dev
^4.0.0
Update dependency glob to v9
renovate/glob-9.x
dev
^9.0.0
Update dependency rollup to v3
renovate/rollup-3.x
dev
^3.0.0
Update dependency rollup-plugin-terser to v7
renovate/rollup-plugin-terser-7.x
dev
^7.0.0
Lock file maintenance
renovate/lock-file-maintenance
dev
❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.
This PR has been generated by Mend Renovate. View repository job log here.