Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not group upgrades of dependencies on major version 0 #1610

Merged
merged 1 commit into from
Jun 22, 2024
Merged

Do not group upgrades of dependencies on major version 0 #1610

merged 1 commit into from
Jun 22, 2024

Conversation

abaguas
Copy link
Collaborator

@abaguas abaguas commented Jun 17, 2024
edited
Loading

Currently there is a Renovate Bot rule grouping all minor and patch dependency updates in a single pull request. However, packages that follow SemVer are allowed to make breaking changes in any 0.x version. This led to a situation where the PR to bump the group all non-major dependencies has a red pipeline (#1052) which cannot be merged since many months.

This PR attempts to fix the problem by excluding version 0.x from the all non-major dependencies group (as documented in https://docs.renovatebot.com/configuration-options/#matchupdatetypes). These updates will instead be handled in a dedicated PR. This should prevent benign minor and patch upgrades from being blocked as well as allow us to easily identify the dependency bumps that introduce breaking changes.

Note: the preset group:allNonMajor is removed since we are not using it anymore, as we override it.

@abaguas
Dependency cleanup
79278da 
Signed-off-by: abaguas <andre.aguas@protonmail.com>
ytsarev
ytsarev reviewed Jun 22, 2024
View reviewed changes
Copy link
Member

@ytsarev ytsarev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just for clarity, why are we focusing exactly on version 0.x and not on any minor(as in https://semver.org/) as 1.x or y.x ?

@abaguas
Copy link
Collaborator Author

abaguas commented Jun 22, 2024

Just for clarity, why are we focusing exactly on version 0.x and not on any minor(as in https://semver.org/) as 1.x or y.x ?

Because packages on version 0.x are allowed to make breaking changes on patch upgrades, but y.x (where y > 0) are not. With this change the update all non-major dependencies PR will only upgrade libraries that do not bring breaking changes, thus we will be able to merge it easily.

@ytsarev
Copy link
Member

ytsarev commented Jun 22, 2024

Because packages on version 0.x are allowed to make breaking changes on patch upgrades, but y.x (where y > 0) are not.

Got it, I am not sure if this assumption is true to all packages but it's definitely close to reality, so let's sort them out this way. Thanks a lot for the contribution!

@ytsarev ytsarev merged commit aad0508 into k8gb-io:master Jun 22, 2024
9 checks passed
abaguas added a commit to abaguas/k8gb that referenced this pull request Jun 26, 2024
@abaguas
increase number of renovate PRs
ba0c75e 
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.
@abaguas abaguas mentioned this pull request Jun 26, 2024
Merged
abaguas added a commit to abaguas/k8gb that referenced this pull request Jun 26, 2024
@abaguas
increase number of renovate PRs
88b1d41 
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.

Signed-off-by: abaguas <andre.aguas@protonmail.com>
ytsarev pushed a commit that referenced this pull request Jun 27, 2024
@abaguas
increase number of renovate PRs (#1615)
85c5c7e 
Since #1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: #1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.

Signed-off-by: abaguas <andre.aguas@protonmail.com>
@abaguas abaguas deleted the renovatebot/major0 branch July 9, 2024 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ytsarev ytsarev ytsarev approved these changes

@donovanmuller donovanmuller Awaiting requested review from donovanmuller donovanmuller is a code owner

@k0da k0da Awaiting requested review from k0da k0da is a code owner

@kuritka kuritka Awaiting requested review from kuritka kuritka is a code owner

@jkremser jkremser Awaiting requested review from jkremser jkremser is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@abaguas @ytsarev