99% of the time we should not Renovate forked repositories. Previously, we skipped onboarding them unless a renovate.json was present. However, that meant that if someone forked a repository where the source was using Renovate, then the fork gets renovated automatically too. After this change, forked repositories need to set renovateFork=true in their renovate.json
Closes#940
BREAKING CHANGE: Forked repositories now need to configure renovateFork=true in renovate.json
Renovate will now check ignorePaths values for either (a) a string match, or (b) glob pattern. e.g. a string of ‘node_modules/‘ will ignore ‘node_modules/foo/package.json’ and ‘backend/node_modules/foo/package.json’ but it will also ignore ‘not_node_modules/foo/package.json` too. Therefore a blog pattern of `**/node_modules/**` is superior.
Closes#1054
BREAKING CHANGE: ignorePaths now supports globs and may match more than before, but that’s probably a good thing.
By defaulting pinVersions to null, this allows Renover to autodetect on a per-package file basis. Users may still manually configure (override autodetection) pinning enabled or disabled via config.
Closes#589
BREAKING CHANGE: Renovate will no longer default to pinning versions - instead it will autodetect whether to pin, unless overrided.
This feature enables docker tag "upgrading". Examples:
- From `node:6` to `node:8`
- From `node:6.10` to `node:6.11`
- From `node:6.11.1` to `node:6.11.3`
- From `node:6.10-onbuild` to `node:6.11-onbuild`
Currently these are disabled by default so they are opt-in, you can enable them by setting e.g. `{ docker: { minor: { enabled: true }, major: { enabled: true }}`
Closes#930
This commonly applies to monorepos where the same dependency may be present in multiple.json files. Instead of using the group name to describe the PR, it uses the dependency name.
Closes#848
By default, Renovate will now continue *updating* - but not creating - branches even if off-schedule. This applies to features such as (a) rebasing branches if master changes, (b) updating if new version comes, (c) creating PRs if tests pass, (d) automerging. It is planned that (b) will be configurable in a future feature. To disable this behaviour altogether, set updateNotScheduled to false.
Closes#879
Setting lockFileMaintenance.groupName = null will prevent the case where the user configures a repository groupName like “all” and then that group inherits the schedule of lock file maintenance. Instead, there will be renovate/all and renovate/lock-file-maintenance.
Fixes#885
This feature adds initial support for renovating Dockerfiles. Renovate now:
- Detects all `Dockerfile`s in repo
- Searches for `FROM x` in first non-comment line, breaks x into image, tag, digest
- Queries public Docker registry for image:tag combination to find latest digest
- Patches Dockerfile if necessary
- Creates branches/PRs as like with npm
Closes#795
This feature adds support for renovating Meteor's `package.js` files. Meteor config is disabled by default so must be manually enabled to work. If enabled, Renovate uses GitHub's search API to look for any files named `package.js` that include the text `Npm.depends`. If so then the file is parsed using Regex to extract its dependencies and check them for updates.
Closes#785
* fix: migrate “every xday” to “on xday”
* fix: do not migrate before and after if before is after after
e.g. do not migrate “after 1am and before 5am”
A new config object `encrypted` can be defined at any level and contain encrypted configuration strings. Initial use is for encrypting an npm token for use with the hosted renovate app.
Closes#650
Renovate config can now support the fields `npmToken`, `npmrc` and `yarnrc`. `npmrc` and `yarnrc` (note no `.` prefix) can be used as an alternative to checking the respective files into the repo and have the same effect. `npmToken` is a shorter alternative and allows for just the npm token to be added, defaulting to the public npm registry.
We should not leave the PR unopened forever if the branch remains in not-pending state too long. Some status checks may leave the status as “pending” instead of “failed”. Defaults to 12 hours but is configurable.
Closes#747