Arcanemagus
commented
6 years ago Dependencies are already being managed by GreenKeeper...
Closed stipsan closed 6 years ago
Arcanemagus
commented
6 years ago Dependencies are already being managed by GreenKeeper...
Arcanemagus
commented
6 years ago Although it looks like Travis CI and AppVeyor have both been failing to build the branches it has been creating π€¦ββοΈ.
stipsan
commented
6 years ago Yeah, I opened this by accident. I use renovate on a yarn monorepo (since greenkeeper only support one package.json per repo, while renovate supports both yarn.lock files and as many package.json files as you have).
It stopped working almost a week ago, so I used https://www.npmjs.com/package/renovate locally to try and debug the config and to do a test run to see reports to why it didn't open a PR. So I used GITHUB_TOKEN=[β¦] npx renovate --autodiscover thinking the autodiscover didn't do anything beyond the description "Run renovate on all repositories that the account has access to".
Now, fun fact: I thought this means "Run renovate on all repositories that renovate is setup on". But it actually means that for any repo that currently don't have renovate setup a PR like this one is created.
This is one of many PRs I accidentally opened today π
In any case though, I do recommend using renovate over greenkeeper in general as it has far more options and control over what dependencies should be grouped, and how often and at what times of the day, or day of the month, you want PRs to be created to avoid all the noise that greenkeeper tends to create π
Arcanemagus
commented
6 years ago GreenKeeper is already at (at least) 3 strikes now, so it's definitely on my radar to look into switching, reconfiguring things on all the repos though is a daunting task that I haven't had time to work on though π.
and how often and at what times of the day, or day of the month, you want PRs to be created to avoid all the noise that GreenKeeper tends to create
Limiting PRs to certain times of the day is actually something I would never use, I want to know ASAP if something is broken. GreenKeeper only sends PRs when the specs fail or the new version is outside the range so that part of it is already how I would want things to work... the issues are repos where it has silently stopped working or never started working in the first place. π
stipsan
commented
6 years ago Yeah it's quite daunting but I have been using it for a while now (for products) and will start switching to it on my own npm packages soon π I can help with getting it setup here, once you got a good configuration it's simple enough to copy the config file to the other repos.
Yeah you're right that for a project like this it makes more sense to know about it right away. I was thinking from a product perspective (which is where I've used renovate so far) and not from a library perspective :)
You should know that this is also something renovate does quite well. It mentions this in the docs: https://renovateapp.com/docs/deep-dives/dependency-pinning#why-use-ranges check "Ranges for Libraries". This way it'll behave like GK, only opening a PR if something broke or there's a new version outside the current specified range. The grouping feature is also really nice, since it supports pattern matching. In my setups I use it to group together everything related to eslint, same with babel and webpack. This made upgrading to webpack v4 for instance easier since all the related dependencies were updated in the same PR allowing me to pin point what I needed to fix in order to make the upgrade.
It also knows how to deal with prereleases. So if you need to use an v2.0.0-alpha.0 something it'll keep you up to date on feature unstable releases according to semver until a stable release is out, at which point it'll stick to stable releases.
It's also super nice to configure it to automatically merge devDependencies if all status checks are ok, but on dependencies require a human to do it.
If you want to know more I recommend checking the FAQ: https://renovateapp.com/docs/all-other/faq
And if you want I can help you set it up. First step would be if you go here and setup the github app on a repo like this one https://renovateapp.com This will start an interactive PR that is managed by the renovate bot directly, allowing us to change the config file and get feedback in the PR description what the result of the config is. Once we're happy with config all we need to do is copy the config file to the other repos and enable the bot on them and we're done π
Welcome to Renovate!
This is an onboarding PR to help you understand and configure Renovate before regular Pull Requests begin. Once you merge or close this Pull Request, Renovate will begin keeping your dependencies up-to-date.
If you have any questions, try reading our Docs, particularly the Getting Started section. You can post questions in our Config Help repository or @ the app author @rarkins in this PR and he'll probably see it.
Detected Package Files
package.jsonConfiguration Summary
Based on the currently configured presets, Renovate will:
renovate/as prefix for all branch namesfixfor dependencies andchorefor all othersnode_modules,bower_components, and various test/tests directoriespackage.jsonis modifiedWould you like to change the way Renovate is upgrading your dependencies? Simply edit the
renovate.jsonin this branch and this Pull Request description will be updated the next time Renovate runs. Try to use Config Presets (theextendsarray) when possible rather than raw config, as then this PR will be able to more accurately describe your settings.What to Expect
With your current configuration, Renovate will create 1 Pull Request:
Pin Dependencies
renovate/pin-dependenciesdevDependenciesto1.3.1devDependenciesto2.9.0devDependenciesto12.1.0devDependenciesto4.19.0dependenciesto4.6.2dependenciesto10.0.0This PR has been generated by Renovate Bot.