123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158 |
- {
- $schema: 'https://docs.renovatebot.com/renovate-schema.json',
- extends: [
- 'config:recommended',
- 'customManagers:dockerfileVersions',
- ':labels(dependencies)',
- ':prConcurrentLimitNone', // Remove limit for open PRs at any time.
- ':prHourlyLimit2', // Rate limit PR creation to a maximum of two per hour.
- ],
- rebaseWhen: 'conflicted',
- minimumReleaseAge: '3', // Wait 3 days after the package has been published before upgrading it
- // packageRules order is important, they are applied from top to bottom and are merged,
- // meaning the most important ones must be at the bottom, for example grouping rules
- // If we do not want a package to be grouped with others, we need to set its groupName
- // to `null` after any other rule set it to something.
- dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
- postUpdateOptions: ['yarnDedupeHighest'],
- packageRules: [
- {
- // Require Dependency Dashboard Approval for major version bumps of these node packages
- matchManagers: ['npm'],
- matchPackageNames: [
- 'tesseract.js', // Requires code changes
- 'react-hotkeys', // Requires code changes
- // Requires Webpacker upgrade or replacement
- '@svgr/webpack',
- '@types/webpack',
- 'babel-loader',
- 'compression-webpack-plugin',
- 'css-loader',
- 'imports-loader',
- 'mini-css-extract-plugin',
- 'postcss-loader',
- 'sass-loader',
- 'terser-webpack-plugin',
- 'webpack',
- 'webpack-assets-manifest',
- 'webpack-bundle-analyzer',
- 'webpack-dev-server',
- 'webpack-cli',
- // react-router: Requires manual upgrade
- 'history',
- 'react-router-dom',
- ],
- matchUpdateTypes: ['major'],
- dependencyDashboardApproval: true,
- },
- {
- // Require Dependency Dashboard Approval for major version bumps of these Ruby packages
- matchManagers: ['bundler'],
- matchPackageNames: [
- 'rack', // Needs to be synced with Rails version
- 'strong_migrations', // Requires manual upgrade
- 'sidekiq', // Requires manual upgrade
- 'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
- 'redis', // Requires manual upgrade and sync with Sidekiq version
- ],
- matchUpdateTypes: ['major'],
- dependencyDashboardApproval: true,
- },
- {
- // Update GitHub Actions and Docker images weekly
- matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
- extends: ['schedule:weekly'],
- },
- {
- // Require Dependency Dashboard Approval for major & minor bumps for the ruby image, this needs to be synced with .ruby-version
- matchManagers: ['dockerfile'],
- matchPackageNames: ['moritzheiber/ruby-jemalloc'],
- matchUpdateTypes: ['minor', 'major'],
- dependencyDashboardApproval: true,
- },
- {
- // Require Dependency Dashboard Approval for major bumps for the node image, this needs to be synced with .nvmrc
- matchManagers: ['dockerfile'],
- matchPackageNames: ['node'],
- matchUpdateTypes: ['major'],
- dependencyDashboardApproval: true,
- },
- {
- // Require Dependency Dashboard Approval for major postgres bumps in the docker-compose file, as those break dev environments
- matchManagers: ['docker-compose'],
- matchPackageNames: ['postgres'],
- matchUpdateTypes: ['major'],
- dependencyDashboardApproval: true,
- },
- {
- // Update devDependencies every week, with one grouped PR
- matchManagers: ['npm'],
- matchDepTypes: 'devDependencies',
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'devDependencies (non-major)',
- extends: ['schedule:weekly'],
- },
- {
- // Group all eslint-related packages with `eslint` in the same PR
- matchManagers: ['npm'],
- matchPackageNames: ['eslint', 'eslint-*', '@typescript-eslint/*'],
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'eslint (non-major)',
- },
- {
- // Group actions/*-artifact in the same PR
- matchManagers: ['github-actions'],
- matchPackageNames: [
- 'actions/download-artifact',
- 'actions/upload-artifact',
- ],
- matchUpdateTypes: ['major'],
- groupName: 'artifact actions (major)',
- },
- {
- // Update @types/* packages every week, with one grouped PR
- matchManagers: ['npm'],
- matchPackageNames: '@types/*',
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'DefinitelyTyped types (non-major)',
- extends: ['schedule:weekly'],
- addLabels: ['typescript'],
- },
- {
- // We want those packages to always have their own PR
- matchManagers: ['npm'],
- matchPackageNames: [
- 'typescript', // Typescript has code-impacting changes in minor versions
- ],
- groupName: null, // We dont want them to belong to any group
- },
- {
- // Group all RuboCop packages with `rubocop` in the same PR
- matchManagers: ['bundler'],
- matchPackageNames: ['rubocop', 'rubocop-*'],
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'RuboCop (non-major)',
- },
- {
- // Group all RSpec packages with `rspec` in the same PR
- matchManagers: ['bundler'],
- matchPackageNames: ['rspec', 'rspec-*'],
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'RSpec (non-major)',
- },
- {
- // Group all opentelemetry-ruby packages in the same PR
- matchManagers: ['bundler'],
- matchPackageNames: ['opentelemetry-*'],
- matchUpdateTypes: ['patch', 'minor'],
- groupName: 'opentelemetry-ruby (non-major)',
- },
- // Add labels depending on package manager
- { matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
- { matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
- { matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
- { matchManagers: ['github-actions'], addLabels: ['github_actions'] },
- ],
- }
|