-
Notifications
You must be signed in to change notification settings - Fork 94
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Do not group upgrades of dependencies on major version 0 #1610
Conversation
Signed-off-by: abaguas <[email protected]>
aea7b38
to
79278da
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just for clarity, why are we focusing exactly on version 0.x
and not on any minor(as in https://semver.org/) as 1.x
or y.x
?
Because packages on version |
Got it, I am not sure if this assumption is true to all packages but it's definitely close to reality, so let's sort them out this way. Thanks a lot for the contribution! |
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR. The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes. In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR. The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes. In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes. Signed-off-by: abaguas <[email protected]>
Since #1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR. The maximum number of concurrent PRs is 5 which results in rate-limiting: #1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes. In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes. Signed-off-by: abaguas <[email protected]>
Currently there is a Renovate Bot rule grouping all minor and patch dependency updates in a single pull request. However, packages that follow SemVer are allowed to make breaking changes in any
0.x
version. This led to a situation where the PR to bump the groupall non-major dependencies
has a red pipeline (#1052) which cannot be merged since many months.This PR attempts to fix the problem by excluding version
0.x
from theall non-major dependencies
group (as documented in https://docs.renovatebot.com/configuration-options/#matchupdatetypes). These updates will instead be handled in a dedicated PR. This should prevent benign minor and patch upgrades from being blocked as well as allow us to easily identify the dependency bumps that introduce breaking changes.Note: the preset group:allNonMajor is removed since we are not using it anymore, as we override it.