Update renovate.json to ignore packages #685
Conversation
|
Quick question here, not necessarily a change request: for webhook, we get norman pulled-in as an indirect dep. Do we also need to protect against indirect norman bumps to major/minor versions with this? |
I'm not sure what the behavior of renovate is wrt indirect dependencies, however looking at the list of renovate PR, I don't see one targeting norman alone. As such, it's likely we don't need any rules here for this. |
crobby
left a comment
crobby
left a comment
There was a problem hiding this comment.
This seems like a reasonable enhancement. I'm not sure how to "try" this without merge and try, but it seems like a sensible thing to try. If the experiment goes well here, we can expand it to other repos.
tomleb
left a comment
tomleb
left a comment
There was a problem hiding this comment.
Yeah let's try it out and we'll see.
|
This seems to be working. Renovate closed #684. |
|
@rohitsakala yes, I see #697 is still opened though 🤔
{
"enabled": false,
"groupName": "gomod-k8sio-dependencies"
},to turn it off |
|
@rohitsakala maybe, we should be able to test it locally. Looking at my bash history, I have the following command I was using for testing renovate: docker run --rm -v $PWD:/repo:ro -e LOG_LEVEL=debug -e GITHUB_COM_TOKEN="$(gh auth token)" -it --workdir /repo renovate/renovate:slim renovate --platform=local | tee ok.logIIRC it has some limitations but in the past I was able to see what renovate was going to do. |
|
@tomleb Yes, we need to test it. |
3 participants
Issue rancher/rancher#49156
Implemented a part of it as I faced that specific problem.