Automated Dependency Updates

Renovate Bot keeps source code dependencies up-to-date using automated Pull Requests. It will scan repositories for dependencies inside package.json (npm/yarn), package.js (Meteor), Dockerfile/docker-compose.yml (Docker), requirements.txt (Python/PIP), composer.json (PHP), Buildkite pipeline, .travis.yml (Travis) and WORKSPACE (Bazel) files, and submit Pull Requests with updated versions whenever they are found.

The Renovate Bot App is free for Open Source repositories, while a paid plan from GitHub Marketplace is required for private repositories.

Intelligent, helpful onboarding


Install Renovate risk-free and you'll first receive an onboarding Pull Request. It analyzes your repository and tells you what will happen next, so there's no surprises.

Unopinionated, highly flexible configuration

  "rangeStrategy": "pin",
  "ignorePaths": ["examples/**"],
  "packageRules": [{
    "packagePatterns": ["^angular.*"],
    "groupName": "angular",
    "automerge": true

Modify any of Renovate's smart defaults with custom overrides at the repository, package file, dependency type, and package levels.

Support for monorepo directory structures


Renovate will scan all files in each repository to look for relevant package files. It will also group upgrades from the same monorepo into a single PR to ensure tests pass and PR noise is reduced. Natively supports Lerna and Yarn Workspaces with zero configuration necessary.

Automatic lock file support

lock file support

Renovate will generate updated package-lock.json or yarn.lock files if you're already using them. It will also immediately resolve any conflicts after merges hands-free by detecting this and regenerating the lock files.

Ease the noise with custom schedules

  "timezone": "America/New_York",
  "schedule": "before 5am every weekday",
  "lockFileMaintenance": {
    "enabled": true,
    "schedule": "after 10pm on sunday"
  "packageRules": [{
    "packageNames": ["aws-sdk"],
    "schedule": "before 5am every wednesday"

Throttle updates however you want with schedules, configurable right down to the per-package level.

Rules-based automerging


Merge some updates without human intervention if they pass tests and satisfy your automerge rules.

Install Now


Renovate is provided by a third-party and is governed by separate terms, privacy, and support documentation.