-
-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use renovate #10422
Use renovate #10422
Conversation
|
"$schema": "https://docs.renovatebot.com/renovate-schema.json", | ||
"extends": ["config:base", "schedule:weekly", "group:allNonMajor"], | ||
"labels": ["dependencies"], | ||
"rangeStrategy": "bump", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This line will bump the dependency range in package.json
. I think it's nice, but if we don't want to and prefer to update the lockfile only like before, it's also possible by removing this line.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would agree this would be best practices to me since the lock file is going to get updated anyways from someone building the library
Renovate would be a great thing but I would want to keep a tab and make sure it's on manual pr acceptance. Since automatic could break a lot of astro but you should consider |
@bluwy can give us a brief summary of how renovate will work, please? Like, will it create pr? What will it update/commit? |
@ematipico I've updated the description (notes) to add a bit more details. Let me know if I'm missing something. I think the linked PR examples are the best way to see how it works in practice. @Eveeifyeve I've not used dependabot in the past because it didn't support grouped PRs (grouping multiple deps upgrade in one PR) until only recently. So I'm not really familiar with configuring it and can't quite vouch if there's any caveats in the long run. Happy to give it a shot though if you'd like to send a PR setting up |
I suppose we need to coordinate the merging of this PR with @matthewp so he can grant the permissions to renovate bot to run in the repository |
Yes, I'll add this to my board. |
Changes
This PR is opened as a discussion if we want to use renovate! If so, we can merge this PR, then someone with repo perms can setup the renovate github app following this instruction. I'd suggest giving the github app access to this repo only as a start.
This PR removes the
nightly.yml
workflow in favor of renovate. The renovate github app is free to use for public/private repos. I'm currently using it for Vite and Svete orgs and I find it helpful. Some benefits:Notes:
Testing
I copied the config from Vite and tweaked a bit.
Docs
n/a