search

renovatebot / config-help

Please use the Discussions feature of https://github.com/renovatebot/renovate instead
https://github.com/renovatebot/renovate/discussions
MIT License
27 stars 16 forks source link

Bump all dev dependencies together (optimistically) #916

Closed mmkal closed 4 years ago

mmkal commented 4 years ago

Which Renovate are you using?

WhiteSource Renovate App

Which platform are you using?

GitHub.com

What would you like to do?

This might not be possible, in which case this can be moved to the main repo as a feature request. Renovate can be quite noisy for low-traffic repos with lots of dev dependencies. For example, a repo that gets one or two commits per month will often have its history overwhelmingly comprised of renovate commits.

My question is a three-parter, with each part following on from the last:

  1. What's the recommended setup for repos like this?
  2. One extreme option would be to group all dev dependencies together, and update them once per week/fortnight. Is this possible via packageRules?
  3. A way of making that less extreme, and I suspect this isn't possible, but it might be what a human version of renovate would do: is it possible to try to update a large group of dependencies, see if CI is happy, and if it's not happy, do some kind of binary search to isolate the dependency upgrade that breaks the build, and open two PRs - one green with most of the upgrades that cause no issue, and one red with the specific issue caused by a dependency's breaking change. Can something like this be done?
rarkins commented 4 years ago

Assuming you're talking about npm, you can definitely do the dev dependencies package rules like so:

{
  "packageRules": [{
    "depTypeList": ["devDependencies"],
    "updateTypes": ["minor", "patch"],
    "groupName": "dev dependencies",
    "extends": ["schedule:weekly"]
  }]
}

I wouldn't recommend grouping major updates together due to chance of breaking changes.

For the last part of your question, I think you'd be interested in https://github.com/renovatebot/renovate/issues/4404

The idea is:

The idea is pretty simple and I think would be very useful, but I'm still stuck on what to do with some "edge cases", e.g. what to do with the rollup PR if the individual branches which were previously green now need rebasing due to conflicts? If you have suggestions on how to handle the various cases like that, it would help move us closer to implementation.

mmkal commented 4 years ago

@rarkins thank you! Yes it looks like that issue covers the last question. Will close this since the config suggestion covers the rest.