Skip to content

disable minor update for all packages by default#8310

Merged
Devinwong merged 1 commit intomainfrom
devinwon/disable_renovate_minor
Apr 14, 2026
Merged

disable minor update for all packages by default#8310
Devinwong merged 1 commit intomainfrom
devinwon/disable_renovate_minor

Conversation

@Devinwong
Copy link
Copy Markdown
Collaborator

@Devinwong Devinwong commented Apr 14, 2026

What this PR does / why we need it:
Disable minor update for all packages by default (using wildcards). We unintentionally enabled some packages earlier.

Which issue(s) this PR fixes:

Fixes #

Copilot AI review requested due to automatic review settings April 14, 2026 19:18
@Devinwong Devinwong merged commit aa535df into main Apr 14, 2026
20 of 21 checks passed
@Devinwong Devinwong deleted the devinwon/disable_renovate_minor branch April 14, 2026 19:21
Copilot AI reviewed Apr 14, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Updates Renovate configuration to prevent minor updates across the repo by default, and adjusts RPM datasource handling.

Changes:

  • Broadens the “disable minor updates” rule from an explicit package allowlist to all packages.
  • Restricts the RPM rule to apply only to patch updates.

Comment thread .github/renovate.json
Comment on lines 25 to 29
"packageRules": [
{
"matchPackageNames": [
"*/kubernetes/autoscaler/addon-resizer",
"*/kubernetes/autoscaler/cluster-proportional-autoscaler",
"*/kubernetes/coredns",
"oss/v2/kubernetes/pause",
"containernetworking/azure-cni",
"containernetworking/azure-cns",
"containernetworking/azure-ipam",
"containernetworking/cilium/cilium",
"containernetworking/cilium/cilium-distroless-init",
"containernetworking/cilium/cilium-distroless",
"oss/kubernetes/apiserver-network-proxy/agent",
"oss/kubernetes-csi/secrets-store/driver",
"oss/azure/secrets-store/provider-azure",
"azuremonitor/containerinsights/ciprod",
"azuremonitor/containerinsights/ciprod/prometheus-collector/images",
"oss/kubernetes/azure-cloud-node-manager",
"oss/v2/kubernetes/azure-cloud-node-manager",
"aks/ip-masq-agent-v2",
"oss/v2/azure/ip-masq-agent-v2",
"oss/kubernetes-csi/azuredisk-csi",
"oss/v2/kubernetes-csi/azuredisk-csi",
"oss/kubernetes-csi/azurefile-csi",
"oss/v2/kubernetes-csi/azurefile-csi",
"oss/kubernetes-csi/blob-csi",
"oss/kubernetes-csi/livenessprobe",
"oss/kubernetes-csi/csi-node-driver-registrar",
"oss/v2/open-policy-agent/gatekeeper",
"azure-policy/policy-kubernetes-addon-prod",
"azure-policy/policy-kubernetes-webhook",
"oss/kubernetes/kube-proxy",
"oss/v2/kubernetes/kube-proxy",
"oss/binaries/kubernetes/kubernetes-node",
"oss/binaries/kubernetes/azure-acr-credential-provider",
"containernetworking/azure-npm",
"azure-acr-credential-provider"
],
"matchUpdateTypes": [
"minor"
],
Copy link

Copilot AI Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The PR description says this is done 'using wildcards', but the implementation achieves the global behavior by removing matchPackageNames entirely (so the rule matches everything). Either update the PR description to reflect the actual mechanism, or make the config intent explicit (e.g., add an explicit match-all pattern) so future readers don’t interpret the missing matcher as accidental.

Copilot uses AI. Check for mistakes.
Comment thread .github/renovate.json
Comment on lines +67 to +69
"matchUpdateTypes": [
"patch"
],
Copy link

Copilot AI Apr 14, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Adding matchUpdateTypes: [\"patch\"] means the custom versioning regex will only apply to patch updates for RPM. If Renovate needs this regex to correctly parse/compare RPM versions, then minor/major RPM updates (or pins/digests, depending on repo settings) may be evaluated under default versioning rules, which can lead to incorrect update behavior. Consider removing matchUpdateTypes here, or duplicating the rule (same versioning) for the other update types you still want Renovate to evaluate consistently.

Suggested change
"matchUpdateTypes": [
"patch"
],

Copilot uses AI. Check for mistakes.
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 14, 2026

PR Title Lint Failed ❌

Current Title: disable minor update for all packages by default

Your PR title doesn't follow the expected format. Please update your PR title to follow one of these patterns:

Conventional Commits Format:

  • feat: add new feature - for new features
  • fix: resolve bug in component - for bug fixes
  • docs: update README - for documentation changes
  • refactor: improve code structure - for refactoring
  • test: add unit tests - for test additions
  • chore: remove dead code - for maintenance tasks
  • chore(deps): update dependencies - for updating dependencies
  • ci: update build pipeline - for CI/CD changes

Guidelines:

  • Use lowercase for the type and description
  • Keep the description concise but descriptive
  • Use imperative mood (e.g., "add" not "adds" or "added")
  • Don't end with a period

Examples:

  • feat(windows): add secure TLS bootstrapping for Windows nodes
  • fix: resolve kubelet certificate rotation issue
  • docs: update installation guide
  • Added new feature
  • Fix bug.
  • Update docs

Please update your PR title and the lint check will run again automatically.

@djsly
Copy link
Copy Markdown
Collaborator

djsly commented Apr 14, 2026

@Devinwong not sure this makes sense, I would revert and revisit how we want to do it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cameronmeissner cameronmeissner cameronmeissner approved these changes

@ganeshkumarashok ganeshkumarashok Awaiting requested review from ganeshkumarashok ganeshkumarashok is a code owner

@lilypan26 lilypan26 Awaiting requested review from lilypan26 lilypan26 is a code owner

@AbelHu AbelHu Awaiting requested review from AbelHu AbelHu is a code owner

@junjiezhang1997 junjiezhang1997 Awaiting requested review from junjiezhang1997 junjiezhang1997 is a code owner

@djsly djsly Awaiting requested review from djsly djsly is a code owner

@phealy phealy Awaiting requested review from phealy phealy is a code owner

@r2k1 r2k1 Awaiting requested review from r2k1 r2k1 is a code owner

@timmy-wright timmy-wright Awaiting requested review from timmy-wright timmy-wright is a code owner

@zachary-bailey zachary-bailey Awaiting requested review from zachary-bailey zachary-bailey is a code owner

@awesomenix awesomenix Awaiting requested review from awesomenix awesomenix is a code owner

@mxj220 mxj220 Awaiting requested review from mxj220 mxj220 is a code owner

@pdamianov-dev pdamianov-dev Awaiting requested review from pdamianov-dev pdamianov-dev is a code owner

@calvin197 calvin197 Awaiting requested review from calvin197 calvin197 is a code owner

@sulixu sulixu Awaiting requested review from sulixu sulixu is a code owner

@surajssd surajssd Awaiting requested review from surajssd surajssd is a code owner

@SriHarsha001 SriHarsha001 Awaiting requested review from SriHarsha001 SriHarsha001 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Devinwong @djsly @cameronmeissner