2023-06-06 18:42:23 +10:00
{
$schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: [
2023-08-14 20:08:43 +10:00
'config:recommended',
2023-06-06 18:42:23 +10:00
':labels(dependencies)',
2023-08-14 20:08:43 +10:00
':prConcurrentLimitNone', // Remove limit for open PRs at any time.
2023-08-14 22:53:13 +10:00
':prHourlyLimit2', // Rate limit PR creation to a maximum of two per hour.
2023-06-06 18:42:23 +10:00
],
2023-08-14 22:53:13 +10:00
minimumReleaseAge: '3', // Wait 3 days after the package has been published before upgrading it
2023-06-06 18:42:23 +10:00
// packageRules order is important, they are applied from top to bottom and are merged,
2023-07-17 17:33:22 +10:00
// meaning the most important ones must be at the bottom, for example grouping rules
// If we do not want a package to be grouped with others, we need to set its groupName
// to `null` after any other rule set it to something.
2023-08-14 20:08:43 +10:00
dependencyDashboardHeader: 'This issue lists Renovate updates and detected dependencies. Read the [Dependency Dashboard](https://docs.renovatebot.com/key-concepts/dashboard/) docs to learn more. Before approving any upgrade: read the description and comments in the [`renovate.json5` file](https://github.com/mastodon/mastodon/blob/main/.github/renovate.json5).',
2023-11-09 21:15:58 +11:00
postUpdateOptions: ['yarnDedupeHighest'],
2023-06-06 18:42:23 +10:00
packageRules: [
{
2023-08-14 20:08:43 +10:00
// Require Dependency Dashboard Approval for major version bumps of these node packages
2023-06-06 18:42:23 +10:00
matchManagers: ['npm'],
matchPackageNames: [
'tesseract.js', // Requires code changes
'react-hotkeys', // Requires code changes
// Requires Webpacker upgrade or replacement
2023-11-28 21:03:32 +11:00
'@svgr/webpack',
2023-06-06 18:42:23 +10:00
'@types/webpack',
'babel-loader',
'compression-webpack-plugin',
'css-loader',
'imports-loader',
'mini-css-extract-plugin',
'postcss-loader',
'sass-loader',
'terser-webpack-plugin',
'webpack',
'webpack-assets-manifest',
'webpack-bundle-analyzer',
'webpack-dev-server',
'webpack-cli',
// react-router: Requires manual upgrade
'history',
'react-router-dom',
],
matchUpdateTypes: ['major'],
2023-08-14 22:53:13 +10:00
dependencyDashboardApproval: true,
2023-06-06 18:42:23 +10:00
},
{
2023-08-14 20:08:43 +10:00
// Require Dependency Dashboard Approval for major version bumps of these Ruby packages
2023-06-06 18:42:23 +10:00
matchManagers: ['bundler'],
matchPackageNames: [
2023-07-17 17:33:22 +10:00
'rack', // Needs to be synced with Rails version
2023-06-06 18:42:23 +10:00
'strong_migrations', // Requires manual upgrade
'sidekiq', // Requires manual upgrade
'sidekiq-unique-jobs', // Requires manual upgrades and sync with Sidekiq version
'redis', // Requires manual upgrade and sync with Sidekiq version
],
matchUpdateTypes: ['major'],
2023-08-14 22:53:13 +10:00
dependencyDashboardApproval: true,
2023-06-06 18:42:23 +10:00
},
{
// Update Github Actions and Docker images weekly
matchManagers: ['github-actions', 'dockerfile', 'docker-compose'],
extends: ['schedule:weekly'],
},
{
2023-08-14 20:08:43 +10:00
// Require Dependency Dashboard Approval for major & minor bumps for the ruby image, this needs to be synced with .ruby-version
2023-06-06 18:42:23 +10:00
matchManagers: ['dockerfile'],
matchPackageNames: ['moritzheiber/ruby-jemalloc'],
matchUpdateTypes: ['minor', 'major'],
2023-08-14 22:53:13 +10:00
dependencyDashboardApproval: true,
2023-06-06 18:42:23 +10:00
},
{
2023-08-14 20:08:43 +10:00
// Require Dependency Dashboard Approval for major bumps for the node image, this needs to be synced with .nvmrc
2023-06-06 18:42:23 +10:00
matchManagers: ['dockerfile'],
matchPackageNames: ['node'],
matchUpdateTypes: ['major'],
2023-08-14 22:53:13 +10:00
dependencyDashboardApproval: true,
2023-06-06 18:42:23 +10:00
},
{
2023-08-14 20:08:43 +10:00
// Require Dependency Dashboard Approval for major postgres bumps in the docker-compose file, as those break dev environments
2023-06-06 18:42:23 +10:00
matchManagers: ['docker-compose'],
matchPackageNames: ['postgres'],
matchUpdateTypes: ['major'],
2023-08-14 22:53:13 +10:00
dependencyDashboardApproval: true,
2023-06-06 18:42:23 +10:00
},
{
// Update devDependencies every week, with one grouped PR
matchDepTypes: 'devDependencies',
matchUpdateTypes: ['patch', 'minor'],
groupName: 'devDependencies (non-major)',
extends: ['schedule:weekly'],
},
2023-07-17 17:33:22 +10:00
{
// Group all eslint-related packages with `eslint` in the same PR
matchManagers: ['npm'],
matchPackageNames: ['eslint'],
matchPackagePrefixes: ['eslint-', '@typescript-eslint/'],
matchUpdateTypes: ['patch', 'minor'],
groupName: 'eslint (non-major)',
},
2023-12-19 01:02:19 +11:00
{
// Group actions/*-artifact in the same PR
matchManagers: ['github-actions'],
2023-12-19 21:59:43 +11:00
matchPackageNames: [
'actions/download-artifact',
'actions/upload-artifact',
],
2023-12-19 01:02:19 +11:00
matchUpdateTypes: ['major'],
2023-12-19 21:59:43 +11:00
groupName: 'artifact actions (major)',
2023-12-19 01:02:19 +11:00
},
2023-06-06 18:42:23 +10:00
{
// Update @types/* packages every week, with one grouped PR
matchPackagePrefixes: '@types/',
matchUpdateTypes: ['patch', 'minor'],
groupName: 'DefinitelyTyped types (non-major)',
extends: ['schedule:weekly'],
addLabels: ['typescript'],
},
2023-07-17 17:33:22 +10:00
{
// We want those packages to always have their own PR
matchManagers: ['npm'],
matchPackageNames: [
'typescript', // Typescript has code-impacting changes in minor versions
],
groupName: null, // We dont want them to belong to any group
},
2023-06-07 02:53:43 +10:00
// Add labels depending on package manager
{ matchManagers: ['npm', 'nvm'], addLabels: ['javascript'] },
{ matchManagers: ['bundler', 'ruby-version'], addLabels: ['ruby'] },
{ matchManagers: ['docker-compose', 'dockerfile'], addLabels: ['docker'] },
{ matchManagers: ['github-actions'], addLabels: ['github_actions'] },
2023-06-06 18:42:23 +10:00
],
}