.png)
In Software Development keeping up to date with technology updates is crucial. This is true both for developers as they learn and renew their skills, and also for the projects they work on and maintain.
When the project grows, new features and libraries are added. But the versions of the libraries and packages remain the same the team never updates them. That is why Renovate was born.
What is Renovate?
Renovate is an Open Source tool to automate:
Detecting dependencies in a repository (Open Source and private/closed source)
Checking if there are dependency updates
Creating commits and Merge/Pull Requests to update dependencies
Showing the release notes
Why use Renovate?
Get automated Pull Requests to update your dependencies
Solving problems from old versions.
Decreasing the time needed to fix vulnerabilities
Increasing the overall performance.
Adding new features.
Open-source (installable via npm/Yarn or Docker Hub) so can be self-hosted or used via GitHub App
...
How to use Renovate?
Install via npm
npm install --save-dev renovateCreate a renovate.json file and place it in the root directory of your repo. If you are using nx to develop front-end, you can ignore nx packages because they are managed automatically by nx framework. You can refer to this document if you want to customize the settings
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["config:base", "group:allNonMajor"],
"baseBranches": ["develop"],
"packageRules": [
{
"matchDepTypes": ["engines"],
"enabled": false
}
],
"ignoreDeps": [
"@nrwl/angular",
"@nrwl/cli",
"@nrwl/create-nx-plugin",
"@nrwl/create-nx-workspace",
"@nrwl/cypress",
"@nrwl/detox",
"@nrwl/devkit",
"@nrwl/eslint-plugin-nx",
"@nrwl/express",
"@nrwl/gatsby",
"@nrwl/jest",
"@nrwl/js",
"@nrwl/linter",
"@nrwl/nest",
"@nrwl/next",
"@nrwl/node",
"@nrwl/nx-plugin",
"@nrwl/nx",
"@nrwl/react-native",
"@nrwl/react",
"@nrwl/storybook",
"@nrwl/tao",
"@nrwl/web"
]
}
Please remember to push the renovate commit to the default branch beforing runing renovate command
npx renovate --token ${{ github_secret_token }} --platform github --endpoint https://github.com/api/v3/ ${{ github.repository }}Open the PR in your repository and you will see there are a lot of dependencies that need to be updated
With the above renovate configuration.
All non-major packages will be combined updating in only one Pull Request.
The major version will be updated in another separated Pull Request
Inside every Pull Request will have
List of the package(s) need to be updated with Change version
Release notes and also the Vulnerability Alerts
After reviewing the PRs, you are able to merge them to your defined base branch
That's all for Renovate. Hope you enjoy trying!
There are a dozen of features you may want to try here
Komentáře