Commit graph

302 commits

Author SHA1 Message Date
Rhys Arkins
804484ed0f refactor: change npm/yarn cache dirs 2018-09-24 13:10:09 +02:00
Rhys Arkins
19a77f8901 fix(npm): force package-lock.json update when widening
Removes dependency record from package-lock.json before running “npm install” to ensure the latest version is installed.

Closes #2480
2018-09-22 18:17:49 +02:00
Rhys Arkins
4b3c2d23ac
feat: combine tmp storage (#2533)
Renovate will now put all its data in `path.join(os.tmpdir(), '/renovate’);` and will instruct npm and yarn to do the same. To force Renovate to use a specific folder, set `process.env.TMPDIR` when running. The previous variable `RENOVATE_TMPDIR` is now deprecated and will be rewritten to TMPDIR.

Closes #1794
2018-09-18 05:26:09 +02:00
Rhys Arkins
b29ea46f8b feat: bumpVersion mirror 2018-09-17 12:45:05 +02:00
Rhys Arkins
eeae416ac9
feat(npm): support git digest updates (#2528)
Adds support for renovating git references in `package.json` files. Supports updating semver tags or sha1 references ("commit hashes").

Also includes support for updating git references from *private* GitHub repositories, if the following conditions are met:
- Renovate user/token is authorised to read from the source private repository
- Dependency is written like `git+https://github.com/owner/repo.git#ref` in `package.json`

Closes #415, Closes #817
2018-09-17 11:18:18 +02:00
Rhys Arkins
c2eb51df54 feat(npm): support long git references
Part of #415
2018-09-17 10:55:27 +02:00
Rhys Arkins
c0eee811b2 refactor(npm): git ref semvers 2018-09-15 18:11:03 +02:00
Rhys Arkins
e7418b27a0 fix(npm): correct skipInstalls logic to consider config 2018-09-15 18:09:10 +02:00
Rhys Arkins
bad9c0770c refactor(npm): separate getDependency function 2018-09-15 18:01:11 +02:00
Rhys Arkins
e517a985c6 fix(npm): valid github owner/repo when extracting 2018-09-15 17:24:54 +02:00
Rhys Arkins
acf512a4ff feat: github semver tag support for npm
Detects github repos in package.json and keeps them up to date if they are using semver tags, e.g. `”github:gulpjs/gulp#v4.0.0-alpha.2”` will get updated to `”github:gulpjs/gulp#v4.0.0”`.

Part of #415 but not closing it yet.
2018-09-15 15:18:18 +02:00
Rhys Arkins
598d57c315 feat: binarySource
Defaulting to ‘bundled’ (default behaviour), this option can be changed to ‘global’ if you wish Renovate to use globally installed npm, yarn, pnpm and lerna binaries. Note: composer always uses global regardless.
2018-09-14 20:38:52 +02:00
Rhys Arkins
6feda1fd25 fix(lerna): detect changed lock files properly
Closes #2519
2018-09-14 06:07:53 +02:00
Rhys Arkins
dda0bade29
refactor: use single localDir per repo (#2505) 2018-09-12 06:30:01 +02:00
Rhys Arkins
bf7bb5a845 fix(npm): default lockfile value 2018-09-12 06:09:32 +02:00
Rhys Arkins
57fbdf7e57 fix(yarn): update resolutions in all cases 2018-09-11 05:25:54 +02:00
Rhys Arkins
b20dde2d53 fix: handle grouped monorepo lockFileMaintenance branches 2018-09-10 09:48:20 +02:00
Rhys Arkins
11c6be8fba refactor: deprecate copyLocalLibs
This can/should be enabled by default now.
2018-09-10 09:38:03 +02:00
Rhys Arkins
ccffdaf712 fix: throw error up if no disk space 2018-09-08 07:16:05 +02:00
Rhys Arkins
81818195b7 refactor: separate lockFileMaintenance per-package file
Closes #2464
2018-09-07 09:26:43 +02:00
Rhys Arkins
ed0bb8760e fix(yarn): throw errors when registry down
Detect strings in `yarn` `stderr` that indicate a registry problem and if found then throw a `registry-failure` error instead of continuing with a PR creation or update. This way they should be retried on each run until the registry is available again.

Closes #2474, Closes #2475
2018-09-04 18:06:07 +02:00
Rhys Arkins
08b44a062a chore: rename packageFile/fileName in extract 2018-08-24 17:49:32 +02:00
Rhys Arkins
d4aec0ff76 feat(npm): perform full install if file: references found
npm’s —package-lock-only implementation seems to have a bug and produces incorrect lock files when file: references are present. If file: dependencies are detected, skipInstalls is set to false.

Closes #2401
2018-08-17 08:22:41 +02:00
Rhys Arkins
a80173d898 fix(npm): ignore scripts on full install 2018-08-15 17:27:40 +02:00
Rhys Arkins
d0ec341e15
feat: skipInstalls (#2390)
Adds new admin option “skipInstalls” that is applicable for npm-only for now (including lerna-npm). If set to false, Renovate will perform a full install of modules rather than `—package-lock-only`. This is necessary in some cases to work around bugs in npm.

Self-hosted bot users can set this option themselves on the bot’s config, but app users will require it to be enabled per-repository by the app admin.
2018-08-15 17:13:07 +02:00
Rhys Arkins
103d8fbf68
feat: prettyDepType (#2376)
Adds field prettyDepType available for templates, currently used for npm only. Allows for PR titles like “Update devDependency left-pad to v1.3.0” instead of default “Update dependency left-pad to v1.3.0”.

To enable in PR titles: add this configuration: `"commitMessageTopic": "{{prettyDepType}} {{depName}}”`

This is not enabled by default as otherwise it could lead to the reopening of previously manually-closed PRs.

Closes #2371, Closes #1863
2018-08-11 11:24:38 +02:00
Mathias Schreck
4868a0e9d9 fix: strip yarn-path option from yarnrc (#2311)
Removing the `yarn-path` option from `yarnrc` makes sure that renovate always uses its bundled version of `yarn`.

Closes #2310
2018-07-26 16:18:37 +02:00
Rhys Arkins
efff72a5e1 chore: fix lint 2018-07-22 09:39:35 +02:00
Rhys Arkins
250c4d8162 feat(npm): ignore vendorised package.json files
Closes #2291
2018-07-22 09:29:19 +02:00
Rhys Arkins
91215af1ba refactor(js): use language ‘js’ for npm and meteor 2018-07-21 21:28:38 +02:00
Rhys Arkins
cddd9cd858 feat: raise prs with lock file warning
Raises PRs and includes warning if lock file updates fail and release timestamp is greater than a day old.

Closes #2233
2018-07-14 08:14:02 +02:00
Rhys Arkins
11c4741271 refactor: fix import order 2018-07-09 11:15:06 +02:00
Rhys Arkins
5ea6955aac fix: don’t reuse lock files in branch if any updates are lock file maintenance 2018-07-05 12:06:55 +02:00
Rhys Arkins
cd9adf76b5 refactor: RENOVATE_REUSE_PACKAGE_LOCK
Attempted workaround for #1984
2018-07-04 19:20:34 +02:00
Rhys Arkins
fb6271e4f7 refactor: rename update.type -> update.updateType 2018-07-04 10:11:53 +02:00
Rhys Arkins
25a35b871d fix(npm): set lockedVersion only if valid semver 2018-06-29 06:31:12 +02:00
Rhys Arkins
46bc8d0068 fix: restore lockFile set for lerna 2018-06-28 13:41:11 +02:00
Rhys Arkins
ae62215936 feat(npm): lerna lockFile maintenance
Adds support for lock file maintenance when lerna is in use.

Closes #1974
2018-06-28 12:33:45 +02:00
Rhys Arkins
a3043c47ec feat: log warning if lock file error persists for 1 day
Raises an additional log file warning whenever lock file errors persist for a day or longer. The idea of this is that temporary errors - e.g. caused by npmjs itself - should not disturb the user. 1 day seems like a reasonable time for multiple attemps to be made first, assuming it has been scheduled. Once this is tested in production for a little while and no unexpected problems, it will be converted to actually raise a config warning issue in the repo to get user attention.
2018-06-28 10:17:17 +02:00
Rhys Arkins
dca7eb6983 fix: match against non-starred workspaces packages
Previously we were missing out cases like `app/package.json` if the workspaces packages were defined like `[“packages/*”, “app/“]`.

Fixes #2186
2018-06-27 14:22:45 +02:00
Rhys Arkins
ec5ac5fbf6 logs: lower npm.update debugs to trace 2018-06-22 22:39:21 +02:00
Rhys Arkins
371c10f259 refactor: rename clean=true to sanitize=true 2018-06-11 07:15:54 +02:00
Rhys Arkins
453fb7033f fix(npm): gracefully skip empty dependency version 2018-06-08 11:26:18 +02:00
Rhys Arkins
dbfb5606e5 logs: lower pnpm lock file error to info 2018-06-08 11:25:53 +02:00
Rhys Arkins
4919306265 fix(npm): correct npmrc replace regex 2018-06-07 13:05:56 +02:00
Rhys Arkins
2a0f2fbba9 fix(npm): filter out package-lock = false in .npmrc
This prevents us from updating npm lock files
2018-06-07 12:39:49 +02:00
Rhys Arkins
3dffefd82b logs: fix npm lockfile debug filename and command 2018-06-07 12:32:38 +02:00
Rhys Arkins
233fa20781 refactor: source yarn versions from npm not github 2018-06-04 06:40:13 +02:00
Rhys Arkins
d8cb261ecb
refactor: rename version -> value (#2076)
Renames currentVersion to currentValue, newVersion to newValue, newVersionMajor to newMajor, and newVersionMinor to newMinor.
2018-06-04 05:48:20 +02:00
Rhys Arkins
24e341b5b4 feat: support semver equals (=)
Adds support for upgrading equals values, e.g. from `=1.0.0` to `=1.0.1`.
2018-06-03 22:25:27 +02:00
Rhys Arkins
dc6959c939 fix: set versionScheme for all manager extracts 2018-06-03 19:13:39 +02:00
Ayoub Kaanich
c54d0ab69d refactor: add versioning wrapper 2018-06-03 17:02:53 +02:00
Rhys Arkins
527c355b48
refactor: move getRangeStrategy to manager (#2072) 2018-06-03 14:25:05 +02:00
Rhys Arkins
dd09707c20 refactor: default versionScheme to ‘semver’ 2018-06-03 07:43:09 +02:00
Rhys Arkins
0a38cfbc22 chore: add versionScheme to purl extract 2018-06-02 10:19:36 +02:00
Rhys Arkins
2383c5c462 fix(npm): bumpVersion use correct from version
Closes #2060
2018-06-02 07:44:01 +02:00
Rhys Arkins
1f72f473d1 fix: look up npm versions from npmjs not github 2018-06-01 19:07:55 +02:00
Rhys Arkins
fc48fac138 fix: ignore unknown engines fields
Ignores any engines fields in package.json that aren’t node, npm or yarn.

Closes #2059
2018-06-01 18:14:49 +02:00
Rhys Arkins
784a0598b9 refactor: use options for github datasource 2018-06-01 15:32:17 +02:00
Rhys Arkins
04f1e40c30 fix: disable major node engines updates 2018-06-01 11:49:44 +02:00
Rhys Arkins
e39cc9a584
feat: use purl for package lookups (#2041) 2018-06-01 09:02:51 +02:00
Rhys Arkins
122bb3e3d8 refactor: don’t massage @types url 2018-05-31 22:07:44 +02:00
Rhys Arkins
077923109e
feat: add purl to npm packages (#2053) 2018-05-31 19:19:42 +02:00
Rhys Arkins
830d56875e
fix: restore allowedVersions filter (#2044)
Also adds tests to make sure it’s never lost again.

Fixes https://github.com/renovatebot/config-help/issues/49
2018-05-30 08:27:49 +02:00
Rhys Arkins
8737a324df fix(yarn): handle complex workspaces packages 2018-05-29 22:06:36 +02:00
Rhys Arkins
1da997dbe6 fix: pin when range strategy is autodetected to pin 2018-05-29 14:27:34 +02:00
Rhys Arkins
51108d3fed logs: log dep name with pin message 2018-05-29 14:20:28 +02:00
Rhys Arkins
6cb8f7f583
feat: refactor lookup/package logic for npm (#2038) 2018-05-29 12:44:01 +02:00
Rhys Arkins
16e66ad67b fix: do not log find before lock file
Closes #2039
2018-05-29 10:04:51 +02:00
Rhys Arkins
9e80c2bde7 fix(npm): unpublishable calculation 2018-05-29 09:52:32 +02:00
Rhys Arkins
1271414cb0 fix: respect latest only if ignoring unstable 2018-05-29 09:32:15 +02:00
Rhys Arkins
7ad306da44 feat: allow rollback + upgrades
If a current version is missing, we now return both rollback as well as upgrades if upgrades are present.
2018-05-29 07:13:44 +02:00
Rhys Arkins
6c2cabac6e feat: optimise lerna reuse
Removes `npx` approach and instead installs each version globally.

Closes #1801
2018-05-29 06:25:46 +02:00
Rhys Arkins
7b149df595 logs: less debug 2018-05-28 22:25:33 +02:00
Rhys Arkins
720c280421 refactor: handle lock file errors due to registry not being ready 2018-05-28 20:12:17 +02:00
Rhys Arkins
6f77953795 fix(npm): use —no-audit 2018-05-28 19:41:34 +02:00
Rhys Arkins
4ae2ee10e9 refactor: run find after npm install 2018-05-28 19:19:10 +02:00
Rhys Arkins
98c250af1a fix: log info messages if package being updated fails 2018-05-28 18:47:58 +02:00
Rhys Arkins
11d5a8b02e fix: don’t update starred versions 2018-05-28 15:18:40 +02:00
Rhys Arkins
1c115ae6b6 refactor: move getRangeStrategy into npm/lookup 2018-05-28 13:25:54 +02:00
Rhys Arkins
c9e9bb73a8 fix: widen complex bump range instead of skip 2018-05-28 12:42:02 +02:00
Rhys Arkins
addf184473
feat: refactor getPackageUpdates for manager expansion (#1994)
The goal of this PR is to refactor npm's version lookup/grouping as much as possible to enable the same logic to be used for other package managers.
2018-05-28 09:09:22 +02:00
Rhys Arkins
a9f47ca0b0 fix(yarn): read yarnrc contents properly
Properly fixes #2020
2018-05-26 18:22:32 +02:00
Rhys Arkins
c2100ffc21 fix(yarn): look for .yarnrc for every package file
Closes #2020
2018-05-25 12:12:03 +02:00
Rhys Arkins
7f8dd25a97 refactor: matchesSemver -> matches 2018-05-21 17:40:15 +02:00
Rhys Arkins
7a1d30c8b6 refactor: move semver to lib/versioning 2018-05-21 17:30:55 +02:00
Rhys Arkins
d45f957cfd refactor: defer isX upgrade classifications 2018-05-21 17:20:41 +02:00
Rhys Arkins
702ccee67a refactor: rename changelog fields 2018-05-18 17:20:20 +02:00
Rhys Arkins
4c80a433df fix(npm): handle jump between unstable releases in same major
Closes #1990
2018-05-18 16:07:33 +02:00
Rhys Arkins
93379c4b79 refactor: separatePatchReleases -> separateMinorPatch
Closes #1952
2018-05-17 07:40:29 +02:00
Rhys Arkins
6c3645d18c refactor: separateMajorReleases -> separateMajorMinor 2018-05-17 07:37:37 +02:00
Rhys Arkins
eaf10143c2 refactor: rename multipleMajorPrs -> separateMultipleMajor 2018-05-17 07:33:59 +02:00
Rhys Arkins
7f4cb4aa57
feat: rangeStrategy (#1954)
This PR replaces the existing `pinVersions`, `upgradeInRange` and `versionStrategy` settings with a single one: `rangeStrategy`.

Previously:
 - `pinVersions` could be `true` or `false`, but defaulted to `null`, which meant that Renovate would decide. `true` meant that Renovate would replace existing ranges like `^1.0.0` with an exact/pinned version such as `1.2.0`.
 - `upgradeInRange` could be true or false, default to false. If `true`, it would mean Renovate would replace an existing range like `^1.0.0` with something like `^1.2.0`
 - `versionStrategy` could be `replace` or `widen` and was mainly used for `peerDependencies` to widen existing ranges, e.g. from `^1.0.0` to `^1.0.0 || ^2.0.0`

It was possible to set conflicting settings, e.g. configuring `pinVersions=true` and `upgradeInRange=true`.

Now, we combine them into a single setting: `rangeStrategy`:
 - `auto` = Renovate decides (this will be done on a manager-by-manager basis)
 - `pin` = convert ranges to exact versions
 - `bump` = same as `upgradeInRange` previously, e.g. bump the range even if the new version satisifies the existing range
 - `replace` = Same as pinVersions === false && upgradeInRange === false, i.e. only replace the range if the new version falls outside it
 - `widen` = Same as previous versionStrategy==='widen'
2018-05-17 07:16:13 +02:00
Rhys Arkins
10fae47aa0 logs: print cmd when lockfile error 2018-05-16 08:22:28 +02:00
Rhys Arkins
d8aac6aff6 refactor: run find before installs 2018-05-16 08:20:51 +02:00
Rhys Arkins
b7703e3beb refactor: ls -l before yarn install 2018-05-16 06:58:07 +02:00
Rhys Arkins
2167eeba11 fix(lerna): return gracefully for lock file maintenance 2018-05-16 05:27:12 +02:00
Rhys Arkins
b7c90ce15d refactor(lerna): throw error if no lernaClient 2018-05-15 21:38:39 +02:00
Rhys Arkins
9f8852c1e3 refactor(lerna): debug missing lernaClient 2018-05-15 21:27:47 +02:00
Rhys Arkins
f3584b5fea fix(yarn): optimise existing file writing 2018-05-15 20:52:25 +02:00
Rhys Arkins
da562aadd2 fix(npm): write package-lock.json and npm-shrinkwrap.json 2018-05-15 20:03:06 +02:00
Rhys Arkins
2323820df9 refactor: replace config dot notation in npm lookup 2018-05-15 07:29:42 +02:00
Rhys Arkins
409cd4adde refactor: monorepoPackages -> internalPackages 2018-05-15 07:21:10 +02:00
Rhys Arkins
8c2ae3248c fix: use yarn workspaces packages if defined, the lerna 2018-05-15 05:58:18 +02:00
Rhys Arkins
3fa8ea22ea logs: log packageFile when failing to look up dependency 2018-05-14 21:53:00 +02:00
Rhys Arkins
1dd623c917 fix: set npmrc before calling getDependency 2018-05-14 21:02:50 +02:00
Rhys Arkins
2bc93e285b fix: correct nested config recommendation 2018-05-14 10:08:41 +02:00
Rhys Arkins
1352bbeb18 feat: discard npmrc if containing variables
.npmrc files will fail during lock file generation if they contain unexpanded variables, so it’s better to discard them instead.
2018-05-14 08:11:23 +02:00
Rhys Arkins
7e8148dfae fix: restore non-root package.json config validation errors 2018-05-14 07:54:24 +02:00
Rhys Arkins
69b264cf01 fix(npm): don’t read npmrc files if ignoreNpmrcFiles=true 2018-05-13 23:06:27 +02:00
Rhys Arkins
ebe9607d79 fix(npm): npmrc/ignoreNpmrc logic 2018-05-13 22:04:06 +02:00
Rhys Arkins
57552d5d2b fix(npm): skip packageFile npmrc if ignoreNpmrc 2018-05-13 21:31:46 +02:00
Rhys Arkins
16f6b5810a fix(npm): skip lock file check if no npm package files 2018-05-11 07:23:26 +02:00
Rhys Arkins
eccef72b52 fix(npm): restore autodetect pinVersions 2018-05-09 18:17:11 +02:00
Rhys Arkins
9c7600d6d3 fix: check npmrc before calling includes 2018-05-09 14:20:10 +02:00
Rhys Arkins
2ebc0b7718 fix: don’t write .npmrc if contains unexpanded variables 2018-05-09 13:38:24 +02:00
Rhys Arkins
4ecd691325 fix: expand criteria for keeping package.json files 2018-05-09 12:36:58 +02:00
Rhys Arkins
1631757e61 logs: don’t debug package.json content 2018-05-09 12:35:22 +02:00
Rhys Arkins
d4de9108af feat: skip PR generation if lock file generation fails 2018-05-09 12:10:45 +02:00
Rhys Arkins
ee3f7f714e fix: iterate all lerna dirs 2018-05-09 11:17:50 +02:00
Rhys Arkins
2075c20baa fix: lock file refactor 2018-05-09 10:42:38 +02:00
Rhys Arkins
10012f343a fix: manager -> lernaClient 2018-05-09 10:14:21 +02:00
Rhys Arkins
a332d8fb50 fix: lernaLockFile -> lernaClient 2018-05-09 09:38:11 +02:00
Rhys Arkins
f1f88e4443 fix: always write config.npmrc 2018-05-09 09:35:02 +02:00
Rhys Arkins
3c0e6b7e88 fix: default lerna client to npm 2018-05-09 09:32:21 +02:00
Rhys Arkins
ecdcd9df4f
feat: refactor dependency extraction (#1912)
Rewrite of dependency extraction, particularly for npm. Paves way for easier addition of new package managers.

Closes #1882
2018-05-09 08:03:59 +02:00
Rhys Arkins
19e35ffee0
refactor: return object from extract (#1914) 2018-05-03 18:09:18 +02:00
Rhys Arkins
a94088ba28
feat: deprecate packageFiles (#1898)
This PR deprecates the use of `packageFiles` and migrates it to `includePaths` and `packageRules`.

Closes #1887
2018-05-01 09:21:15 +02:00
Rhys Arkins
c356bb0349
feat: custom filenames for package files (#1894)
Renovate now comes with a variety of package managers supported, each with their own filename pattern(s). These patterns are now exposed for user configuration through the new `fileMatch` list/array configuration option, which has been added to each manager (npm, bazel, docker-compose, etc). `fileMatch` is defined as a mergeable list, meaning that users can add to the default pattern to extend the files being detected.

Closes #799
2018-04-30 13:18:51 +02:00
Rhys Arkins
9753f9dcba
feat: modular branchName/prTitle/commitMessage templating (#1760)
This PR refactors `branchName`, `commitMessage` and `prTitle` so that they are more easily editable and hopefully more understandable. By breaking each up into subsections, users can modify one part without needing to copy/paste the entire string.

Directly editing any of these fields will now be deprecated and a warning issued.
2018-04-17 08:39:26 +02:00
Rhys Arkins
5bda10af76 logs: drop noisy locked version debug 2018-04-14 07:25:39 +02:00
Rhys Arkins
523b02fbc8
refactor: npm and semver (#1817) 2018-04-10 05:20:46 +02:00
Rhys Arkins
1f63173194 fix: remove enabled=true requirement from managers
Simplify manager definitions by removing need for explicit enabled=true
2018-04-09 08:23:59 +02:00
Țurcanu Dragomir
2f4d5836f3 feat: Raise config error if config found within nested package.json (#1777)
Raises config error if renovate config found in a nested package.json

Closes #1742
2018-04-05 22:42:07 +02:00
Rhys Arkins
9a36bdcf1b refactor: rename setNewValue to updateDependency 2018-03-30 06:05:00 +02:00
Rhys Arkins
533f866c82 fix: don’t raise error for locked private dependencies
yarn should be able to handle this now.

Closes #1721
2018-03-29 11:34:36 +02:00
Rhys Arkins
1c96ba54b4 chore: fix Warning typo 2018-03-28 13:33:58 +02:00
Rhys Arkins
9ab4e55bc5 chore: reduce logger.debug volume 2018-03-27 21:57:02 +02:00
Rhys Arkins
acb725beb9 fix: stringify currentVersion before trim 2018-03-27 16:25:06 +02:00
Rhys Arkins
0e658843a2 fix: don’t raise config warning issue when onboarding 2018-03-27 16:02:56 +02:00
Rhys Arkins
b110e22218 fix: filter out deps with no current version 2018-03-27 15:13:16 +02:00
Rhys Arkins
6b7077a3ef fix: filter and debug failed meteor extraction 2018-03-27 14:00:29 +02:00
Rhys Arkins
94892db991 fix: config warn issue only if using yarn
It seems that npm is able to update a lock file even if some of the non-updated deps can not be found. So the renovate halt and warning is only needed if a yarnLock file is present.
2018-03-27 13:41:45 +02:00
Rhys Arkins
fc4d5fc08d fix: add check if lerna npmClient=yarn 2018-03-22 20:35:25 +01:00
Rhys Arkins
f0cd0cb8b8
feat: raise config action issue if failing to look up locked dependency (#1704)
If an npm dependency can’t be found, and the package.json has a lock file, then Renovate will encounter lock file errors every time *any* dependency in that package.json has an update. Instead of raising PRs with an error, we instead now stop raising PRs and instead raise a config warning issue. Users can “dismiss” this by setting config option `updateLockFiles` to false.

Closes #1697
2018-03-22 11:55:58 +01:00
Rhys Arkins
3a4a0cb029
feat: updateLockFiles (#1703)
Adds an option “updateLockFiles” which defaults to true. Setting to false means that updating lock files (e.g. package-lock.json, yarn.lock and shrinkwrap.yaml) will be skipped. The main reason for doing this is for repositories that use a dependency we can’t resolve, so that they can keep updating the package.json without lock file.
2018-03-22 10:41:26 +01:00
Rhys Arkins
c2f0a46d9a feat: npm shrinkwrap
Adds support for npm-shrinkwrap.json files.

Closes #67
2018-03-08 09:46:08 +01:00
Rhys Arkins
6530480410 refactor: simplify detectPackageFiles 2018-03-04 20:03:52 +01:00
Rhys Arkins
5e3822d0cc refactor: use filePattern for each manager 2018-03-04 16:09:12 +01:00
Rhys Arkins
cd9218444d refactor: move node package lookup to node helper 2018-03-03 17:36:45 +01:00