If a dependency has name starting with `@types/` and no repository url returned from the npmjs query, we manually set a URL pointing to the DefinitelyTyped repository.
Adds a new feature to limit the number of concurrent branches/PRs to have open at any one time. Defaults to 0 (disabled), set it to a positive integer to enforce that limit.
If a packageRule is missing packageNames AND missing packagePatterns, then we should match by default. This allows users to define a single “exclude” rule without needing to add a catchall include rule (e.g. `packagePatterns”: [“.*”]`)
When package-lock.json or yarn.lock files are present, and Renovate needs to “pin” any dependencies (e.g. after onboarding), it will use whatever version is in the lockfile rather than the latest version on npm js that satisfies the semver range. This should increase the chance that Pin Dependencies PRs pass tests, as it should use as close as possible dependencies as the previous time the lock file was committed to master. Thanks to @alexeagle for first suggesting this.
Closes#1362
Adds a `renovate/verify` status check for those migrating and looking for familiarity. Better to check the GPG verified commit, as mentioned in the associated doc.
Adds a config option to bot administrators called `exposeEnv`, for cases where repositories are trusted. If set to true, the bot's full `process.env` can be used for `.npmrc` variable substitution and is passed to child processes when generating lock files. Disabled by default, including in the App.
Adds new config option `versionStrategy` that allows config to override Renovate’s autodetection of when to “widen” an existing semver range, and when to “replace”.
Adds support for ranges, such as `”1.x - 2.x”`. Adds support for widening .x ranges, e.g. `”1.x || 2.x”` becomes updated to `”1.x || 2.x || 3.x”`.
Closes#687
Adds support for "less than" semver, and for complex semver values that end in "less than" e.g. ">= 1.0.0 < 2.0.0". Also supports complex semver values that end in "less than or equal to", although they make a lot less sense, e.g. ">= 1.0.0 <= 2.0.0".
Closes#1433
