Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Do not group upgrades of dependencies on major version 0 #1610

Merged
merged 1 commit into from
Jun 22, 2024

Conversation

abaguas
Copy link
Collaborator

@abaguas abaguas commented Jun 17, 2024

Currently there is a Renovate Bot rule grouping all minor and patch dependency updates in a single pull request. However, packages that follow SemVer are allowed to make breaking changes in any 0.x version. This led to a situation where the PR to bump the group all non-major dependencies has a red pipeline (#1052) which cannot be merged since many months.

This PR attempts to fix the problem by excluding version 0.x from the all non-major dependencies group (as documented in https://docs.renovatebot.com/configuration-options/#matchupdatetypes). These updates will instead be handled in a dedicated PR. This should prevent benign minor and patch upgrades from being blocked as well as allow us to easily identify the dependency bumps that introduce breaking changes.


Note: the preset group:allNonMajor is removed since we are not using it anymore, as we override it.

Signed-off-by: abaguas <[email protected]>
@abaguas abaguas force-pushed the renovatebot/major0 branch from aea7b38 to 79278da Compare June 17, 2024 22:05
Copy link
Member

@ytsarev ytsarev left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just for clarity, why are we focusing exactly on version 0.x and not on any minor(as in https://semver.org/) as 1.x or y.x ?

@abaguas
Copy link
Collaborator Author

abaguas commented Jun 22, 2024

Just for clarity, why are we focusing exactly on version 0.x and not on any minor(as in https://semver.org/) as 1.x or y.x ?

Because packages on version 0.x are allowed to make breaking changes on patch upgrades, but y.x (where y > 0) are not. With this change the update all non-major dependencies PR will only upgrade libraries that do not bring breaking changes, thus we will be able to merge it easily.

@ytsarev
Copy link
Member

ytsarev commented Jun 22, 2024

Because packages on version 0.x are allowed to make breaking changes on patch upgrades, but y.x (where y > 0) are not.

Got it, I am not sure if this assumption is true to all packages but it's definitely close to reality, so let's sort them out this way. Thanks a lot for the contribution!

@ytsarev ytsarev merged commit aad0508 into k8gb-io:master Jun 22, 2024
9 checks passed
abaguas added a commit to abaguas/k8gb that referenced this pull request Jun 26, 2024
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.
abaguas added a commit to abaguas/k8gb that referenced this pull request Jun 26, 2024
Since k8gb-io#1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: k8gb-io#1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (k8gb-io#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.

Signed-off-by: abaguas <[email protected]>
ytsarev pushed a commit that referenced this pull request Jun 27, 2024
Since #1610 was merged the number of PRs created by renovate increased, as bumps of libraries on version 0.x are handled in a dedicated PR.
The maximum number of concurrent PRs is 5 which results in rate-limiting: #1048. The proposal is to increase it to 15 so that we can see and tackle the PRs containing potential breaking changes.

In addition, the `update all non-major dependencies` group should very rarely contain breaking changes (#1052) so I proposal to turn on automerge (if the pipeline is green ofc). This should save the maintainers some precious minutes.

Signed-off-by: abaguas <[email protected]>
@abaguas abaguas deleted the renovatebot/major0 branch July 9, 2024 18:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants