Commit graph

773 commits

Author SHA1 Message Date
Ayoub Kaanich
57ffec14cb feat: autodetect changelog file name (#1770)
Improves changelog detection algorithm to look for different upper/lower case options as well as alternative filenames like `History.md`.

Resolves #1754
2018-04-01 21:41:26 +02:00
Ayoub Kaanich
74dde919f1 fix: use markdown-it to sectionize changelog files (#1767)
Resolves #1709
2018-04-01 15:51:20 +02:00
Rhys Arkins
55e71bf041
tests: improve readability of fatal error test (#1756)
tests: improve readability of fatal error test
2018-03-30 20:20:18 +02:00
Rhys Arkins
b15909f8df
feat: enabledManagers (#1755)
feat: enabledManagers
2018-03-30 17:00:51 +02:00
Rhys Arkins
9a36bdcf1b refactor: rename setNewValue to updateDependency 2018-03-30 06:05:00 +02:00
Rhys Arkins
ba614d4624 fix: support quotation marks for circleci
Fixes #1745
2018-03-29 19:25:31 +02:00
Rhys Arkins
b57437940b fix: handle quoted docker compose strings 2018-03-29 15:42:17 +02:00
Rhys Arkins
533f866c82 fix: don’t raise error for locked private dependencies
yarn should be able to handle this now.

Closes #1721
2018-03-29 11:34:36 +02:00
Rhys Arkins
aa3d361187 fix: throw registry failure if a tag has no manifest 2018-03-29 10:53:08 +02:00
Rhys Arkins
2e173c3539 fix: better fix for undefined new docker digest 2018-03-29 07:07:56 +02:00
Rhys Arkins
94a5240858
feat: CircleCI docker image support (#1732)
Adds support for renovating docker image definitions in CircleCI 2 config files (`.circleci/config.yml`).

Closes #1714
2018-03-28 20:12:56 +02:00
Rhys Arkins
cb3537feaa refactor: return manager name with package files 2018-03-28 19:53:42 +02:00
Rhys Arkins
b724a411da
feat: Docker Compose support (#1729)
Adds support for renovating Docker Compose files (e.g. `docker-compose.yml`). Functionality is essentially the same as the existing `Dockerfile` capabilities, so config for `docker` is shared with `docker-compose` but may also be overridden.

Merging as disabled by default - will wait for some opt-in testing before turning it on by default.

Closes #832
2018-03-28 15:24:42 +02:00
Rhys Arkins
906c6273c7 fix: raise config errors for package rules missing selectors 2018-03-28 15:13:32 +02:00
Rhys Arkins
b89f448946
feat: validate packageRule selectors (#1728)
Validates that each packageRule must contain at least one selector. Resolves the rule first to allow for presets.

Closes #1345, Closes #1693
2018-03-28 10:04:07 +02:00
Rhys Arkins
37035480f1 refactor: validate list only if non-empty 2018-03-28 09:36:09 +02:00
Steven Hargrove
6b67ffa5ff fix: enforce valid git branch names (#1725)
Adds proper enforcement of branch name rules.

Fixes #1724
2018-03-28 05:18:42 +02:00
Rhys Arkins
6623047177 fix: add npm retries for null versions or parseError 2018-03-27 20:57:11 +02:00
Rhys Arkins
0e658843a2 fix: don’t raise config warning issue when onboarding 2018-03-27 16:02:56 +02:00
Rhys Arkins
df0dc74e22 fix: handle meteor package.js with trailing comma 2018-03-27 15:46:29 +02:00
Rhys Arkins
94892db991 fix: config warn issue only if using yarn
It seems that npm is able to update a lock file even if some of the non-updated deps can not be found. So the renovate halt and warning is only needed if a yarnLock file is present.
2018-03-27 13:41:45 +02:00
Rhys Arkins
4c3581caf0 fix: prune “renovate” branch if branchPrefix is “renovate/“
Otherwise it blocks us from branch creation
2018-03-26 12:10:00 +02:00
Rhys Arkins
a302b11a26
feat: custom docker registries (#1707)
Adds support for custom docker registries. To work (for now), registries must support anonymous public access to their v2 API. Tested against quay.io and gcr.io, including tags pagination for quay. Also needed to add a 10s timeout for registry queries to catch private/firewalled registries that we can't access.

Closes #797
2018-03-23 14:48:36 +01:00
Rhys Arkins
f0cd0cb8b8
feat: raise config action issue if failing to look up locked dependency (#1704)
If an npm dependency can’t be found, and the package.json has a lock file, then Renovate will encounter lock file errors every time *any* dependency in that package.json has an update. Instead of raising PRs with an error, we instead now stop raising PRs and instead raise a config warning issue. Users can “dismiss” this by setting config option `updateLockFiles` to false.

Closes #1697
2018-03-22 11:55:58 +01:00
Rhys Arkins
3a4a0cb029
feat: updateLockFiles (#1703)
Adds an option “updateLockFiles” which defaults to true. Setting to false means that updating lock files (e.g. package-lock.json, yarn.lock and shrinkwrap.yaml) will be skipped. The main reason for doing this is for repositories that use a dependency we can’t resolve, so that they can keep updating the package.json without lock file.
2018-03-22 10:41:26 +01:00
Rhys Arkins
c1a7bff4a1 refactor: allow 10 loops instead of 5 2018-03-22 09:34:00 +01:00
Rhys Arkins
363a2cc2e5 fix: abort renovation if rate limit exceeded (github) 2018-03-22 09:26:20 +01:00
Rhys Arkins
6354f3d07a fix: try delete lock file maintenance branch only if it exists 2018-03-21 15:53:48 +01:00
Rhys Arkins
27ee7687d9 fix: skip branch creation if unpublishable pr not ready for creating
Don’t create a branch until its unpublishable.

Fixes #1580
2018-03-21 11:40:28 +01:00
Rhys Arkins
ee3240908b
feat: requireConfig (#1695)
Adds option to bot owners to require a renovate config be in place.

Closes #1694
2018-03-21 10:08:55 +01:00
Rhys Arkins
42ea27a926 fix: skip looking up scratch base image (docker) 2018-03-21 05:16:03 +01:00
Rhys Arkins
78f5b35442 fix: skip named multistage docker builds 2018-03-20 21:42:34 +01:00
Rhys Arkins
c9f2d387fa fix: use github tags not releases to determine node versions
Closes #1691
2018-03-20 15:51:37 +01:00
Rhys Arkins
2364efdb39 fix: improve lockfile maintenance deletion logic
Set lock file branches to always rebase stale, and delete if there’s no work to do.
2018-03-20 06:48:27 +01:00
Rhys Arkins
fa2bda45fe fix: delete lockFileMaintenance branch if no longer necessary
If a lockFileMaintenance branch returns no updated lockfiles then we should delete it.

Closes #1655
2018-03-16 10:51:10 +01:00
Rhys Arkins
ef26aa7ea4 fix: rebase lock file maintenance PRs if configured
Fixes so we skip lock file generation for lock file maintenance branches only if it *doesn’t* need rebasing.

Helps #1655
2018-03-16 06:28:46 +01:00
Rhys Arkins
23d0290384
fix: raise PR immediately if there are lock file errors (#1664)
fix: raise PR immediately if there are lock file errors
2018-03-15 07:06:18 +01:00
Rhys Arkins
3f77d676cd
fix: docker multi-stage duplicate replace (#1662)
Closes #1656
2018-03-14 12:49:47 +01:00
Rhys Arkins
d0e76b9d51 fix: validate :timezone preset value 2018-03-13 21:47:08 +01:00
Rhys Arkins
ec14bf0e92
fix: reopen MR after branch deletion (GitLab) (#1660)
Closes #1657
2018-03-13 20:33:22 +01:00
Rhys Arkins
e62aa89a6c
feat: customisable prFooter (#1648) 2018-03-12 13:35:15 +01:00
ikisialeu
c0f87172fa fix: validate timezones (#1638)
`Adds a config validation check for timezone, checking it against the list in moment-timezome.js`. Configs with invalid timezones will raise a configuration error.

Closes #1483
2018-03-12 04:24:45 +01:00
Rhys Arkins
36afcad570 fix: handle invalid travis supportPolicy 2018-03-10 16:58:34 +01:00
eMerzh
088279abbd fix: return shrinkwrapdir to avoid crash (#1621) 2018-03-08 15:59:52 +01:00
Rhys Arkins
c2f0a46d9a feat: npm shrinkwrap
Adds support for npm-shrinkwrap.json files.

Closes #67
2018-03-08 09:46:08 +01:00
Rhys Arkins
308ed432db
feat: upgradeInRange (#1608)
Upgrade ranges to latest version even if latest version satisfies existing range.

| name    | value   |
| ------- | ------- |
| type    | boolean |
| default | false   |

By default, Renovate assumes that if you are using ranges then it's because you want them to be wide/open. As such, Renovate won't deliberately "narrow" the range by increasing the semver value inside.

For example, if your `package.json` specifies a value for `left-pad` of `^1.0.0` and the latest version on npmjs is `1.2.0`, then Renovate won't change anything. If instead you'd prefer to be updated to `^1.2.0` in cases like this, then set `upgradeInRange` to `true` in your Renovate config.

This feature supports simple caret (`^`) and tilde (`~`) ranges only, like `^1.0.0` and `~1.0.0`. It is not compatible with `pinVersions=true`.

Closes #1607
2018-03-07 07:41:10 +01:00
Rhys Arkins
a2ef094485 feat: support pinned versions in .travis.yml
If the existing version was pinned, or if pinVersions=true, then Renovate will use pinned versions for all the new values.

Closes #1605
2018-03-06 22:18:13 +01:00
Hutson Betts
d9f9e4692f docs(node): improve documentation clarity (#1606) 2018-03-06 21:42:47 +01:00
Rhys Arkins
d237c6c670 feat: add comment to PRs if config validation fails 2018-03-06 20:00:10 +01:00
Rhys Arkins
96835410d8
feat: validate renovate config PRs (#1602)
feat: validate renovate config PRs
2018-03-06 15:21:17 +01:00
Rhys Arkins
4104e81005 Revert "chore: remove unused getPrFiles functions"
This reverts commit d5984a3cad.
2018-03-06 12:18:35 +01:00
Adam Moss
621badb964 fix(allow-failure): enabled automerge when allowed failures occur
Closes: #1586

Signed-off-by: Adam Moss <adam.moss@bcs.org.uk>
2018-03-05 21:18:51 +01:00
Rhys Arkins
d5984a3cad chore: remove unused getPrFiles functions 2018-03-05 15:50:34 +01:00
Rhys Arkins
daba8ba560 fix: add travis content filter 2018-03-05 13:50:54 +01:00
Rhys Arkins
6530480410 refactor: simplify detectPackageFiles 2018-03-04 20:03:52 +01:00
Rhys Arkins
5e3822d0cc refactor: use filePattern for each manager 2018-03-04 16:09:12 +01:00
Rhys Arkins
dde5756488
feat: .nvmrc files (#1582)
Adds initial support for `.nvmrc` renovation. If the existing value is a fully-specified semver version then it will be upgraded, otherwise left alone.

Closes #1270
2018-03-04 15:52:06 +01:00
Rhys Arkins
f398fa19aa fix: Revert "refactor: improve migration scripts"
This reverts commit c6be31543d.

Closes #1584
2018-03-04 14:36:45 +01:00
Rhys Arkins
c6be31543d refactor: improve migration scripts 2018-03-04 07:35:18 +01:00
Rhys Arkins
dae287b62b
refactor: node-travis definitions (#1583)
Retains the "node" configuration object but moves enabling/disabling to "travis". Also removes the default `supportPolicy` from config.
2018-03-04 07:08:19 +01:00
Rhys Arkins
72b4951e59 chore: update snapshot 2018-03-04 05:39:46 +01:00
Rhys Arkins
faa4cc6171 fix: travis metadata and formatting
Updates travis config and logic to use same variables as for other managers. This fixes the onboarding PR.

Fixes #1551
2018-03-03 20:53:54 +01:00
Rhys Arkins
cd9218444d refactor: move node package lookup to node helper 2018-03-03 17:36:45 +01:00
Rhys Arkins
aa26ccc637 chore: rename travis/node tests 2018-03-03 15:48:12 +01:00
Rhys Arkins
886a3d05bf refactor: rename ‘node’ manager to ‘travis’ 2018-03-03 15:35:43 +01:00
Rhys Arkins
3c56f8aeb6
refactor: move manager-specific code under lib/manager (#1573)
Refactors all non-npm code to live inside lib/manager/*
2018-03-03 14:39:39 +01:00
Rhys Arkins
7f9d73a318 feat: allowedVersions
A semver range defining allowed versions for dependencies

| name | value  |
| ---- | ------ |
| type | string |

Use this - usually within a packageRule - to limit how far to upgrade a dependency. For example, if you wish to upgrade to angular v1.5 but not to `angular` v1.6 or higher, you could defined this to be `<= 1.5` or `< 1.6.0`:

```
  "packageRules": [{
    "packageNames": ["angular"],
    "allowedVersions": "<=1.5"
  }]
```
2018-03-03 06:35:11 +01:00
Rhys Arkins
bb2fc1b7ca refactor: move npm extract from workers to manager 2018-03-01 10:21:26 +01:00
Rhys Arkins
cf336a0b21 refactor: use manager not packageFile 2018-02-28 19:01:35 +01:00
Rhys Arkins
9119568fe4 fix: add checks if pr branch still exists (gitlab)
in GitLab, a PR may be open while the branch itself has been removed. We cant just assume that the branch exists because the PR does, even if it’s an edge case.
2018-02-28 04:43:30 +01:00
Rhys Arkins
d0fa221ae3 fix: only rebase if pr is dirty (github) 2018-02-27 19:50:16 +01:00
Rhys Arkins
e011d95e86 fix: don’t resolve empty meteor package.js
Refactors meteor to have a resolve function that detects/filters out empty files (like for other managers).
2018-02-27 17:19:12 +01:00
Rhys Arkins
579214682f fix: throw config validation error if unknown filename
Refactors manager.resolve to use file name to manager mappings.
2018-02-27 16:58:36 +01:00
Rhys Arkins
1f6893f5e2 fix: npm config should only be merged for package.json 2018-02-27 15:43:19 +01:00
Rhys Arkins
bc684c7b29 fix: implicit patch-only upgrade
Use type ‘patch’ only when patch automerge is true AND minor automerge is not true.
2018-02-27 14:50:09 +01:00
Rhys Arkins
3d491797dc fix: retry npmjs 408
npmjs’s CDN is (erroneously) returning 408 Timeout responses sometimes, so these should be retried.
2018-02-27 14:31:36 +01:00
Rhys Arkins
f95058d66b refactor: move npm registry to datasource 2018-02-27 10:49:24 +01:00
Rhys Arkins
5d73738dde refactor: move docker registry to datasource 2018-02-27 10:28:31 +01:00
Rhys Arkins
9263fd36b3 fix: don’t overwrite edited onboarding configs
Before, we were attempting to rebase edited branches if renovate.json was the only modified file. This “lost” the committer information - which seemed ok - but it also meant that on the subsequent run it then assumed Renovate was the only committer. Now we don’t rebase edited onboarding branches anymore.

Closes #1360
2018-02-22 19:46:57 +01:00
Rhys Arkins
1fd83139ed
feat: configurable onboarding config (#1543)
Adds configuration option `onboardingConfig` that allows the default onboarding config to be extended or replaced via `config.js` or env configuration.

Closes #1521
2018-02-21 19:50:58 +01:00
Rhys Arkins
182d1c7348
fix: don't use --package-lock-only for npm install (#1544)
* Revert "fix: disable reusing existing package-lock.json when upgrading (#1530)"

This reverts commit 2728e39963.

* switch from —package-lock-only to —ignore-scripts

Removing `--package-lock-only` option from npm installs due to https://github.com/npm/npm/issues/19852

Pretty sure this fixes #1495
2018-02-21 08:12:25 +01:00
Rhys Arkins
2b8886f17b tests: fix npm registry mock
Closes #1538
2018-02-21 07:47:48 +01:00
Rhys Arkins
8463be0266 fix: return branchName field when creating pr 2018-02-19 21:30:33 +01:00
Rhys Arkins
c949778ab7 fix: harmonize to pr.branchName 2018-02-19 20:01:10 +01:00
Rhys Arkins
116939ffb5
feat: renovate node engine in package.json (#1519)
Adds support for upgrading `node` version in `package.json` > `engines` if the current version is pinned.
- Does not convert from range to pin
- Ignores ranges
- Does not upgrade major versions
2018-02-19 14:21:45 +01:00
JYC
e03d487bc8 fix: update dependency vso-node-api to v6.3.2 (#1534)
* fix: update dependency vso-node-api to v6.3.2

* The web api create methods need to be async

* remove Redundant use of `await`

* To test 100%
2018-02-19 14:17:53 +01:00
Rhys Arkins
2728e39963
fix: disable reusing existing package-lock.json when upgrading (#1530)
Skip writing package-lock.json locally before `npm install —package-lock-only` to work around https://github.com/npm/npm/issues/19852

Workaround to fix #1528
2018-02-18 21:16:04 +01:00
Rhys Arkins
576f38efdc fix: use isUmergeable instead of mergeable 2018-02-16 16:19:26 +01:00
Adam Moss
4c0d7cf3e6 fix(gitAuthor): add support for GitLab
Allow the `gitAuthor` configuration option to override the committer
property when creating or updating a file within GitLab.  Port of #1280
which introduced the same capability for GitHub.

Closes #1281

Signed-off-by: Adam Moss <adam.moss@bcs.org.uk>
2018-02-12 16:49:08 +01:00
Rhys Arkins
9c845040ac fix: delete gitlab branch first if rebasing 2018-02-12 06:58:33 +01:00
Rhys Arkins
c92d67658c feat: use gitlab commits api for 1 commit per branch
Closes #1508
2018-02-12 06:20:20 +01:00
Rhys Arkins
b1da837da1 fix: create Pr if prNotPending hours exceeded for branch automerge 2018-02-09 13:29:47 +01:00
Rhys Arkins
03302a47cc fix: retry npmjs when receiving 5xx errors 2018-02-09 10:15:53 +01:00
Rhys Arkins
4fba8373a8 chore: refactor eslint ignores 2018-02-09 09:56:47 +01:00
Rhys Arkins
c2ca0e46b0 fix: return null rather than registry failure when unpublished deps found 2018-02-09 09:54:15 +01:00
Rhys Arkins
b1ad1bb058 fix: detect renamed repositories and skip 2018-02-08 16:04:25 +01:00
Rhys Arkins
f07a7a33c0 fix: strip trailing #something from manual repository url 2018-02-08 13:22:39 +01:00
Rhys Arkins
5794e008ce feat: look up missing dep repository manually if changelog fails 2018-02-08 13:00:22 +01:00
Rhys Arkins
c7efe253da fix: massage changelog release note bodies 2018-02-07 11:01:43 +01:00
Rhys Arkins
545218468f fix: Better summary/details substitution for gitlab pr bodies 2018-02-07 10:53:44 +01:00
Rhys Arkins
c97b1db1e6 tests: update snapshots 2018-02-07 10:36:11 +01:00
Rhys Arkins
4a7f493ec4 fix: delete branch if create pr returns “validation failed” 2018-02-07 08:05:32 +01:00
Rhys Arkins
f6e2627774
feat: parse CHANGELOG.md in source repositories (#1491)
Parses `CHANGELOG.md` for first or second-level markdown headings matching versions. Supports GitHub-only source repositories for now.

Closes #1470
2018-02-06 18:53:36 +01:00
Rhys Arkins
4663967379 fix: better lerna version detection 2018-02-06 15:49:21 +01:00
Rhys Arkins
a79222b777 fix: catch initRepo 403 (github) 2018-02-05 22:23:50 +01:00
Rhys Arkins
9c89629183
fix: re-enable lerna bootstrap (#1487)
* Revert "fix: Revert "feat: lerna bootstrap support (#1486)""

This reverts commit 4e592d601d.

* fix: fix lerna.json detection
2018-02-05 20:06:24 +01:00
Rhys Arkins
4e592d601d fix: Revert "feat: lerna bootstrap support (#1486)"
This reverts commit 3cab59d2fe.
2018-02-05 19:40:54 +01:00
Rhys Arkins
3cab59d2fe
feat: lerna bootstrap support (#1486)
Adds support for running `lerna bootstrap` instead of `npm install` or `yarn install` (without Workspaces), hence allowing support of internally-linked dependencies.

Closes #1441, Closes #1443
2018-02-05 19:30:07 +01:00
Rhys Arkins
e306f707db fix: abort renovation if repository has changed during run
If attempting to create a branch and it already exists, or attempting to update a branch and it no longer exists, then we abort.
2018-02-03 15:45:43 +01:00
Rhys Arkins
720b46696a
feat: gitlab branch cleanup (#1475)
Removes the GitHub-only check when cleaning/pruning branches.
2018-02-03 12:06:25 +01:00
Rhys Arkins
aa0b0d68fd
fix: don’t check for branch existing when rebasing (gitlab) (#1474)
Previously, our GitLab API library was checking if a a branch existed first before trying to create it. But due to caching, a branch we'd deleted ourselves still showed up as existing, so then there was no branch to update the files in. Skip this check and use try/catch for creating branch instead.

Fixes #1468
2018-02-03 11:04:27 +01:00
Rhys Arkins
6101f25dc7 fix: reset file list when setting base branch (gitlab) 2018-02-03 10:39:04 +01:00
Rhys Arkins
b184d3a217 fix: handle 403 blocked from github 2018-02-02 18:04:41 +01:00
Rhys Arkins
1c33bb1a31 fix: strip NPM_TOKEN lines from npmrc if not exposing env 2018-02-02 16:00:05 +01:00
Rhys Arkins
baa27de289 fix: gracefully handle missing versions in npm registry response 2018-02-02 15:02:43 +01:00
Rhys Arkins
c70c72f14b
feat: release notes in pull requests (sourced from github releases) (#1465)
Detects and embeds release notes found on GitHub when an npm dependency specifies a GitHub repository as its source and that repository has made use of the "Releases" feature.
2018-02-02 12:37:16 +01:00
Rhys Arkins
7afb693151 fix: update all pr body templates to use h1 headings 2018-02-02 10:56:40 +01:00
Rhys Arkins
360a640e40 fix: use v prefix for versions in PR bodies 2018-02-02 10:55:52 +01:00
Rhys Arkins
a008b1f1cd refactor: use h1 for pr headings 2018-02-02 10:49:27 +01:00
Rhys Arkins
9195adc58a refactor: sort versions and commits from oldest to newest
List versions and their commits in PR bodies in the order they were made (oldest to newest).
2018-02-02 05:42:22 +01:00
Rhys Arkins
a708005886 fix: massage issues/pulls links in public repos to be non-linking 2018-02-01 11:36:30 +01:00
Rhys Arkins
e533f96185 fix: escape depName as code in pr bodies 2018-02-01 08:30:44 +01:00
Rhys Arkins
cadb4b796f fix: massage updated less than/greater than to match existing format 2018-02-01 08:25:52 +01:00
Rhys Arkins
6fc1f94936 feat: list package files in onboarding PR
Closes #1461
2018-01-31 13:20:55 +01:00
Rhys Arkins
335844e6b7 feat: strip docker-only descriptions from onboarding PR if no Dockerfiles 2018-01-31 13:10:09 +01:00
Rhys Arkins
5f3b1b7fdf feat: set repository url for @types/* packages manually
If a dependency has name starting with `@types/` and no repository url returned from the npmjs query, we manually set a URL pointing to the DefinitelyTyped repository.
2018-01-31 11:24:19 +01:00
Rhys Arkins
ad4b9feb92 feat: prConcurrentLimit
Adds a new feature to limit the number of concurrent branches/PRs to have open at any one time. Defaults to 0 (disabled), set it to a positive integer to enforce that limit.
2018-01-30 11:43:16 +01:00
Rhys Arkins
5800230cc2 fix: packageRules without packageNames or packagePatterns should match
If a packageRule is missing packageNames AND missing packagePatterns, then we should match by default. This allows users to define a single “exclude” rule without needing to add a catchall include rule (e.g. `packagePatterns”: [“.*”]`)
2018-01-30 09:34:42 +01:00
Rhys Arkins
37d83cf61a refactor: check that workspaces has yarn.lock committed
Closes #1451
2018-01-29 09:51:16 +01:00
Rhys Arkins
f5b1c00d8f refactor: log old/new pr details if updating 2018-01-28 21:46:27 +01:00
Rhys Arkins
64cf41e76e refactor: sort PRs by type and then title 2018-01-28 16:14:04 +01:00
Rhys Arkins
294fc6b3a5 refactor: don’t warn if current version is a file reference 2018-01-28 15:44:35 +01:00
Rhys Arkins
b2b0e42492 fix: do not jump unstable majors unless configured to do so 2018-01-27 16:18:18 +01:00
Rhys Arkins
79e9ce6d8f feat: pin npm dependencies using lock files
When package-lock.json or yarn.lock files are present, and Renovate needs to “pin” any dependencies (e.g. after onboarding), it will use whatever version is in the lockfile rather than the latest version on npm js that satisfies the semver range. This should increase the chance that Pin Dependencies PRs pass tests, as it should use as close as possible dependencies as the previous time the lock file was committed to master. Thanks to @alexeagle for first suggesting this.

Closes #1362
2018-01-26 10:18:40 +01:00
Rhys Arkins
d66dea7ec3
feat: verify status check (GitHub) (#1444)
Adds a `renovate/verify` status check for those migrating and looking for familiarity. Better to check the GPG verified commit, as mentioned in the associated doc.
2018-01-25 13:36:21 +01:00
Rhys Arkins
9363fd8acf refactor: pass object to platform.initRepo
Also renames repoName to repository
2018-01-25 12:24:13 +01:00
ctaepper
280e74fa9f feat: expose env to npmrc and npm/yarn/pnpm (#1407)
Adds a config option to bot administrators called `exposeEnv`, for cases where repositories are trusted. If set to true, the bot's full `process.env` can be used for `.npmrc` variable substitution and is passed to child processes when generating lock files. Disabled by default, including in the App.
2018-01-25 10:38:30 +01:00
Rhys Arkins
0925f59262
feat: versionStrategy (#1439)
Adds new config option `versionStrategy` that allows config to override Renovate’s autodetection of when to “widen” an existing semver range, and when to “replace”.
2018-01-24 15:26:37 +01:00
Rhys Arkins
1b535af43e
feat: hyphen range support (#1437)
Adds support for ranges, such as `”1.x - 2.x”`. Adds support for widening .x ranges, e.g. `”1.x || 2.x”` becomes updated to `”1.x || 2.x || 3.x”`.

Closes #687
2018-01-24 11:23:59 +01:00
Rhys Arkins
f943d6b27c
feat: widen semver || ranges (#1436)
When an “or” semver (e.g. “react”: “^14.4.0 || ^15.0.0”) is found, we now widen it. e.g. the result will be “^14.4.0 || ^15.0.0”.
2018-01-24 09:44:38 +01:00
Rhys Arkins
bf64d62dc8
feat: advanced semver "less than (and equal to)" support (#1435)
Adds support for "less than" semver, and for complex semver values that end in "less than" e.g. ">= 1.0.0 < 2.0.0". Also supports complex semver values that end in "less than or equal to", although they make a lot less sense, e.g. ">= 1.0.0 <= 2.0.0".

Closes #1433
2018-01-24 08:43:27 +01:00
Rhys Arkins
9504fb8abb
refactor: use handlebars triple escapes in templates (#1434)
This stops HTML substitution from occurring
2018-01-24 07:18:11 +01:00
Rhys Arkins
516142b687
feat: import existing greenkeeper config when onboarding (#1431)
Detects any greenkeeper configuration fields and migrates them to Renovate’s config during onboarding.

Closes #1429
2018-01-23 11:59:32 +01:00
Rhys Arkins
0b7deb546c
feat: apply package.json renovate config to whole repository (#1419)
Changes the way Renovate treats renovate config inside `package.json` files. Before, config used to be applied only to that particular file, meaning that it was not applied for the rest of a monorepo, or for other package managers like Docker. Now, any `renovate` section inside the repository’s root `package.json` will be applied globally, just the sams as if it were contained within a `renovate.json` file. This means there is no longer any case where you *must* have a `renovate.json` file instead of `package.json`.

Closes #1323

BREAKING CHANGE: renovate config in `./package.json` is now applied to whole repository, and renovate config inside non-root `package.json` files is now ignored.
2018-01-23 06:59:01 +01:00
otofu-square
f251969fab fix: correct typos in templates (#1423) 2018-01-22 11:17:00 +01:00
Rhys Arkins
d774a14910 feat: abort repo for most npm registry errors
Renovate now aborts processing of repositories if for any 4xx responses except 401 and 404, and also for 200 OK responses which are unparseable.

Closes #1341
2018-01-21 07:16:28 +01:00
Rhys Arkins
3b13591ebc refactor: Add warning to Pin PRs that upgrade PRs will be held up
Closes #1380
2018-01-20 16:20:50 +01:00
Rhys Arkins
fa68a5a216 refactor: skip ignore notification comment if PR was merged 2018-01-20 15:09:23 +01:00
Rhys Arkins
b72bfdf4ba
feat: bumpVersion (#1413)
Adds a new configuration option that allows you to bump the version number in the package.json being updated. e.g. you might configure Renovate to bump a patch every time, or maybe for dependencies only and not devDependencies. e.g. if you configure `"bumpVersion": "patch"` then a Renovate PR updating a `package.json` that used to be version `1.2.1` will now see it updated to `1.2.2` (in addition to the dependency version(s) being updated too). Thanks to @gunar for the feature suggestion.

Closes #861
2018-01-20 09:27:05 +01:00
Rhys Arkins
c5a5463f68 tests: expand pathRules test to verify matching 2018-01-20 06:36:17 +01:00