renovate/renovate
1
0
Fork 0
mirror of https://github.com/renovatebot/renovate.git synced 2025-01-13 15:36:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7
7209 commits 31 branches 9361 tags 240 MiB
Commit graph

852 commits

Author SHA1 Message Date
mohd hassaan
c53cd4e674 feat: Add "rebase all" functionality in master issue (#3597) 2019-04-28 09:04:50 +02:00
Rhys Arkins
54c02adb8b fix: add link to master issue blog post 2019-04-28 08:48:37 +02:00
Rhys Arkins
1dfcc4ef3d fix: create master issue if any branch needs approval 
Closes https://github.com/renovatebot/config-help/issues/224
 2019-04-28 08:23:00 +02:00
Rhys Arkins
390f2cf5f9 fix: skip extractAllPackageFiles if empty 2019-04-28 08:16:41 +02:00
Rhys Arkins
2b4bf85b63 fix: run minimatch with dotfile matching enabled 2019-04-25 07:00:52 +02:00
mohd hassaan
8e195cef03 feat: Add JSON5 parser (#3555) 
Added support for `renovate.json5` filename. Now configuration can be parsed from a `json5` format file.

Closes #3484
 2019-04-19 08:39:20 +02:00
Rhys Arkins
f98fe65c00 refactor: enforce requireConfig (#3408) 
Previously we maintained an exception to the rule that if `requireConfig` was true then we still support repositories without a config if they have previously merged PRs. Now such repositories will be skipped.

Closes #3338 

BREAKING CHANGE: requireConfig is now enforced, if enabled. If a repository has no config but merged PRs, it will still be skipped.
 2019-04-16 16:06:25 +02:00
Matt Lavin
371076eb6f fix(onboarding): Do not create onboarding branches when onboarding is disabled (#3519) 2019-04-10 15:43:10 +02:00
Matt Lavin
e88c8c02cc fix: Respect requireConfig setting when onboarding=false (#3516) 2019-04-10 07:02:26 +02:00
Rhys Arkins
a599eab231
feat: unify file locations (#3507) 
feat: unify file locations
 2019-04-09 17:14:08 +02:00
Rhys Arkins
6015a49494 refactor: branchifyUpgrades key value 2019-04-06 18:00:36 +02:00
Rhys Arkins
8ffd26eb3c refactor: getCommitMessage 2019-04-06 18:00:35 +02:00
Rhys Arkins
c52ac258e8 refactor: generateBranchConfig -> ifTypesGroup 2019-04-06 18:00:35 +02:00
Rhys Arkins
634c6d9433 refactor: pruneStaleBranches -> cleanUpBranches 2019-04-06 18:00:34 +02:00
Rhys Arkins
05ecddf805 refactor: better unique filter 2019-04-04 18:20:40 +03:00
Rishabh Jain
0038142cc2 fix: renovate not creating PRs for some python dependencies (#3453) 2019-04-02 17:26:06 +02:00
Rhys Arkins
1b442538e4 refactor: more logs for PR limits 2019-04-02 15:53:53 +02:00
Rhys Arkins
88b048dfef fix: check pr exists during pruning log 2019-03-20 16:00:46 +01:00
Rhys Arkins
4379c4c2ac fix: don’t add autoclosed suffix more than once 2019-03-20 09:28:56 +01:00
Rhys Arkins
102a3a5e9e fix(maven): sort updates to same file from bottom up 2019-03-17 11:04:14 +01:00
Rhys Arkins
d8614aa785 fix(gitFs): gracefully handle git config failure 2019-03-16 07:55:39 +01:00
Rishabh Jain
940d3c4721 feat: add parentDir, baseDir metadata (#3383) 2019-03-15 05:36:56 +01:00
Tobias Bieniek
0b08b69c50 docs: onboarding/branch/create dry run typo (#3374) 2019-03-13 15:04:22 +01:00
Tobias Bieniek
80b7bc1415 docs: onboarding/branch/rebase dry run typo (#3375) 
It's "onboarding", not "onboaring" 😉
 2019-03-13 15:03:56 +01:00
Rhys Arkins
b7f108f2fe logs: fix lint 2019-03-13 12:51:57 +01:00
Rhys Arkins
76b6259b1c refactor: revert ensureIssue for config 2019-03-13 12:44:54 +01:00
Rhys Arkins
9b8901650c fix(onboarding): close config warning issue 2019-03-12 20:05:06 +01:00
Rhys Arkins
5bb6802bab refactor: rename deepcopy to clone 2019-03-11 23:43:30 +01:00
Rhys Arkins
320c414350 refactor: drop fast-clone 2019-03-11 23:42:22 +01:00
Rhys Arkins
ca66b34aaa fix(github): handle no firstPatchedVersion 2019-03-11 11:45:41 +01:00
Rhys Arkins
9ea64f42da refactor(github): hardcode vulnerability branchTopic 2019-03-10 08:46:46 +01:00
Rhys Arkins
9cd81a0b6d feat(github): include vulnerability descriptions 2019-03-10 08:40:28 +01:00
Rhys Arkins
65e5b957e9 fix(github): combine vulnerability alerts 2019-03-10 07:20:44 +01:00
Rhys Arkins
63daf6ef89 refactor: vulnerability manager mapping 2019-03-10 05:20:41 +01:00
Rhys Arkins
eb5ccffdcd fix: update GitHub vulnerability alerts parsing 
Closes #3340
 2019-03-09 07:16:12 +01:00
Rhys Arkins
936fc76ea1 feat: raise issue for active repos without configs 
Closes #3336
 2019-03-08 18:16:21 +01:00
Gautier Pelloux-Prayer
12d4436484 fix: do not create onboarding branch on dry run (#3333) 
This fixes the following scenario:

- on boarding branch is created
- on boarding branch is closed (merged or not) - branch is deleted. So renovate is not configured.
- you relaunch renovate with `--dry-run true`. Then it crashes with:
 2019-03-08 15:43:33 +01:00
Rhys Arkins
d78e6a0486 fix: copy through sourceDirectory 
Closes #3096
 2019-03-08 12:16:42 +01:00
Rhys Arkins
6ede22ab03 fix: lockfile-update => update-lockfile 2019-03-08 08:16:26 +01:00
Rhys Arkins
6417aba868 refactor: deepcopy 2019-03-07 10:56:06 +01:00
Rhys Arkins
f5c1ffb8fd fix(masterIssue): link to edited PRs 
Closes #3259
 2019-03-07 00:20:22 +01:00
Rhys Arkins
fae041b98d fix: dockerRepository typo 
Closes https://github.com/renovatebot/config-help/issues/151
 2019-03-06 17:13:02 +01:00
Rhys Arkins
de33fa0194 refactor: not-found is not disabled 2019-03-05 08:00:56 +01:00
Rhys Arkins
69cdf2d186 fix: deepcopy getPkgReleases results 
Closes #3298
 2019-03-03 09:41:18 +01:00
Rhys Arkins
80ca5d89cb fix: warn only if sourceUrl and toVersion 2019-03-02 22:57:27 +01:00
Rhys Arkins
bec847c379 feat: notify of possible groupings 
Closes #3281
 2019-03-02 10:45:10 +01:00
Rhys Arkins
36f2e0acd9 fix(lockFileMaintenance): don’t delete conflicted PRs 
Closes #3018
 2019-02-16 11:50:59 +01:00
Rhys Arkins
67b29f8a2c fix: copy dockerRegistry and dockerRepository 
Closes https://github.com/renovatebot/config-help/issues/151
 2019-02-14 06:05:08 -05:00
Rhys Arkins
703fa52d6c fix: bad-credentials 2019-02-13 16:33:58 -05:00
Rhys Arkins
a9332a8db0
feat: replace purl with datasource (#3154) 
This deprecates the (internal) use of package URLs and instead replaces with `datasource`/`lookupName`.

Closes #3005
 2019-02-04 09:41:22 +01:00
Rhys Arkins
b5965c6285 fix(gitFs): gracefully handle authentication failure 2019-02-02 02:46:32 +01:00
Rhys Arkins
0246f6c201 refactor: getPkgReleases 2019-01-28 06:40:37 +01:00
Rhys Arkins
9d2e70775b refactor: better log allowedVersions problems 2019-01-25 09:10:17 +01:00
Rhys Arkins
396fb977c3 fix(allowed-versions): fallback to npm semver range syntax 2019-01-25 08:21:28 +01:00
Rhys Arkins
78d6d52a2e feat(pr): support displayFrom / displayTo for PR templating 2019-01-24 06:39:23 +01:00
Rhys Arkins
62d92660b2
feat: new 'lockfile-update' rangeStrategy (#3108) 
Adds a new `rangeStrategy` value `lockfile-update'. Enabling this means you will get PRs that contain updates for the versions in your lock file (currently npm and yarn only) even if the range in the `package.json` file hasn't changed because the update is "in range".

Closes #1382
 2019-01-24 06:23:08 +01:00
Rhys Arkins
e8a487a90f refactor: drop mirrorMode 2019-01-23 00:05:56 +01:00
Rhys Arkins
33b3308df6 refactor: log purl if lookup fails 2019-01-21 16:48:10 +01:00
Jan Sauer
1fb755c89c feat: gradle-wrapper (#3038) 
Adds support for updating the gradle version used in a project via the gradle-wrapper.
See https://docs.gradle.org/current/userguide/gradle_wrapper.html
 2019-01-09 12:50:53 +01:00
Rhys Arkins
55257fff26
feat: centralise app strings (#3032) 2019-01-06 14:47:42 +01:00
Rhys Arkins
e19294e894
feat: centralise config file list (#3031) 2019-01-06 06:03:26 +01:00
Rhys Arkins
4b38793471 refactor: trustLevel 2019-01-05 09:16:32 +01:00
Rhys Arkins
67e3825f42 refactor: renovateFork -> includeForks 2018-12-31 07:46:00 +02:00
Rhys Arkins
5b43931aab fix(gitFs): use sha for non-master branches 2018-12-23 08:46:09 +02:00
Rhys Arkins
08b7752027 feat(github): ensure issue once 2018-12-19 06:05:43 +01:00
Rhys Arkins
4356d4c7d5 fix: recreateClosed if grouping multiple digests 
Closes #2974
 2018-12-18 22:22:19 +01:00
Rhys Arkins
6ef61c8608 Revert "feat: ensureIssue once" 
This reverts commit 3988fb808a.
 2018-12-16 17:18:00 +01:00
Rhys Arkins
6785cd54bd refactor: update deprecation message to allow closing 2018-12-14 12:09:13 +01:00
Rhys Arkins
3988fb808a feat: ensureIssue once 
Closes #2936
 2018-12-14 11:47:52 +01:00
Rhys Arkins
f3c339b2d6 fix: check packageFiles before length 2018-12-12 11:26:43 +01:00
Rhys Arkins
01ed8362db refactor: managers->enabledManagers 2018-12-11 12:30:23 +01:00
rtaum
3b74108e6c feat: suppressNotifications onboardingClose (#2934) 2018-12-11 07:22:07 +01:00
Rhys Arkins
a69376ab46 feat: printConfig 
Adds an option to print the full, resolved config for a repo at INFO level. e.g.

renovate —print-config owner/repo

Closes https://github.com/renovatebot/config-help/issues/128
 2018-12-10 08:53:55 +01:00
Rhys Arkins
772bc17603 refactor: repositoryUrl -> sourceUrl 2018-12-10 05:59:28 +01:00
Rhys Arkins
e190851f8e
feat(docker): use whole tag as currentValue (#2922) 2018-12-10 04:26:14 +01:00
Rhys Arkins
42eb19bb91 fix(deprecation): reset list for each manager 2018-12-09 13:51:50 +01:00
Rhys Arkins
32e2140886 fix(deprecations): do not raise warnings for onboarding repos 2018-12-09 13:12:10 +01:00
Rhys Arkins
c742ac02ee refactor(deprecations): add info on how to disable 2018-12-09 13:11:41 +01:00
rtaum
90af9fc3ab feat: refactor raiseDeprecationWarnings into suppressNotifications (#2921) 2018-12-09 11:39:35 +01:00
Rhys Arkins
0f57f9a69a fix(onboarding): defensive warnings check 2018-12-09 10:42:38 +01:00
Rhys Arkins
6b12fc4ea4 refactor(versioning): use get function 2018-12-08 16:46:13 +01:00
Rhys Arkins
385c0531b8 feat(onboarding): warning about unresolvable dependencies 
Closes #2303
 2018-12-05 13:19:27 +01:00
Rhys Arkins
8f7a9e65f8 fix: escape master issue validation messages 
Prevents auto @‘ing

Closes #2870
 2018-12-05 09:04:27 +01:00
Rhys Arkins
fd6398ef69 fix(github): gracefully handle integration unauthorized 2018-12-03 12:03:46 +01:00
Rhys Arkins
8c79536101 feat(config): allow .github/renovate.json 2018-11-22 16:06:02 +01:00
Rhys Arkins
db0efdf053 feat: trustLevel 
New config option replaces existing option exposeEnv. Set trustLevel=high in the bot config if you trust the contents of the repositories you are renovating. Doing so results in env being exposed, access to localhost, etc.

Closes #2739
 2018-11-16 12:16:37 +01:00
Ayoub Kaanich
33781c4d39 feat(docker): better versioning redo 2018-11-05 12:14:04 +01:00
Rhys Arkins
71b8fb0e72 fix: Revert "feat: better docker versioning (#2742)" 
This reverts commit ea8bcbc9b2.
 2018-11-05 11:35:06 +01:00
Ayoub Kaanich
ea8bcbc9b2 feat: better docker versioning (#2742) 
Rewrite docker versioning to support versions of any size.

Closes #2357, Closes #2358
 2018-11-05 09:32:34 +01:00
Rhys Arkins
9292833ecf
refactor: extractAllFiles (#2741) 2018-11-05 07:47:44 +01:00
Rhys Arkins
44d119823f refactor: rename extractDependencies -> extractPackageFile 2018-11-04 18:51:23 +01:00
Rhys Arkins
7603fda78e logs: log masterIssue events 2018-11-02 06:53:17 +01:00
Ayoub Kaanich
2622046147 feat: Add master issue link to closed PRs (#2730) 
Closes #2665
 2018-11-02 06:23:45 +01:00
FidoX
be65176dc4 feat: gradle support (#2610) 
Closes #934
 2018-10-29 17:32:31 +01:00
Rhys Arkins
4f7d4fbeae logs: deprecationMessage 2018-10-29 05:53:00 +01:00
Rhys Arkins
7fdef1d683 fix: dry run deprecation issues 2018-10-29 05:52:45 +01:00
Rhys Arkins
05fa91e9cd feat: dry run 
Adds support to run Renovate like “renovate owner/repo —dry-run”. Instead of creating branches, PRs or comments, an INFO level dry run message will be logged each time instead.

Closes #1399
 2018-10-26 09:48:49 +02:00
Rhys Arkins
727dccfecd fix(onboarding): don’t update modified title 2018-10-25 13:45:08 +02:00
Rhys Arkins
f82f26197c fix: skip null current values 2018-10-19 07:09:31 +02:00
Rhys Arkins
e9053fbe4a fix: abort rollback if null toVersion 2018-10-19 06:57:21 +02:00
Rhys Arkins
81d64bb884 feat: repo mem cache for packagist 2018-10-18 11:06:57 +02:00
Rhys Arkins
e23ab0ea07 refactor: don’t warn for prune failure repository-changed 2018-10-18 06:10:19 +02:00
Rhys Arkins
6a48c03b3d
fix: massage empty renovate config to {} (#2663) 2018-10-17 12:19:34 +02:00
Rhys Arkins
a64507ac52 fix: properly await all repository cleanups 2018-10-17 12:19:02 +02:00
Rhys Arkins
5533d371c5 refactor: delete gitPrivateKey after setting 2018-10-17 06:48:07 +02:00
Rhys Arkins
4eaf3f8266 fix: better catch pr validation errors 2018-10-16 21:02:16 +02:00
Rhys Arkins
aabb486129 fix(hostRules): allow to be set in config 2018-10-15 13:35:55 +02:00
Rhys Arkins
50ba8473f7 refactor: lower debug logging 2018-10-15 09:21:57 +02:00
Rhys Arkins
00346aba2e fix(master issue): check branch.res first 2018-10-08 12:53:49 +02:00
Rhys Arkins
084fc4536c fix(docker): fix commit message/pr title for digest groups 
Fixes #2613
 2018-10-08 11:50:17 +02:00
Rhys Arkins
2cabefef83 fix(github): gracefully handle fork error 2018-10-08 10:42:17 +02:00
Rhys Arkins
c0e8e51b5e fix(lookup): improve digest comparison 2018-10-05 15:49:24 +02:00
Rhys Arkins
3092c17ee2 fix(lookup): don’t return early if digests supported 2018-10-05 15:27:49 +02:00
Rhys Arkins
bdf1227bc0 fix: better group commit extra detection 2018-10-05 14:04:21 +02:00
Rhys Arkins
ad605423b3 refactor: newValue => toVersions 2018-10-05 13:48:32 +02:00
Rhys Arkins
2dad7bbcd1 logs: debug versions lookup failure 2018-10-05 12:58:18 +02:00
Rhys Arkins
69cf9d309f feat(schedule): default to “at any time” 
Closes #2601
 2018-10-05 10:50:21 +02:00
Rhys Arkins
4ec79bb018 fix: better detect common toVersion when grouping 
Closes #2600
 2018-10-05 06:39:53 +02:00
Rhys Arkins
68f33875be fix: edited PRs should not be “Open” in master list 2018-10-04 13:54:28 +02:00
Rhys Arkins
ec434aebc7 fix: unique packages in master issue 2018-10-04 10:38:16 +02:00
Rhys Arkins
95d01e7ab1 feat: master issue 
Adds undocumented/experimental “master issue” feature.

Setting `config.masterIssue = true` will result in Renovate opening and maintaining an issue that contains a list of all PRs both pending and open, and allowing some control over them (e.g. bypass schedule, force retry, etc).

Setting `config.masterIssueApproval` in addition will mean that branches are not created automatically and instead await approval in that master issue.

Closes #2595
 2018-10-04 10:08:20 +02:00
Rhys Arkins
1f128bbcc2 refactor: processBranch function interface 2018-10-03 15:57:01 +02:00
Rhys Arkins
b33a4014e7 chore: log managers 2018-10-02 14:53:22 +02:00
Rhys Arkins
8597f16ba9 fix(golang): skip digest updates if real versions exists 2018-10-02 14:20:24 +02:00
Rhys Arkins
99df4f0f31 feat(golang): digest updates 
Adds support to update dependencies that have pseudo-versions like v0.0.0-20140422174119-9fd32a8b3d3d.
 2018-10-02 10:34:37 +02:00
Rhys Arkins
56eb334789 fix(branchName): replace all forward slashes 2018-09-30 07:40:32 +02:00
Rhys Arkins
94123c0b04 fix(onboarding): add line break 2018-09-30 07:39:09 +02:00
renovate[bot]
9bf339a24b build(deps): update dependency @sindresorhus/is to v0.12.0 (#2570) 2018-09-28 15:20:46 +02:00
Rhys Arkins
29115ba38c fix: bump patch only if explicitly separating 
Bump updates should only be separated into “patch” if users explicitly separate patch and minor.

Closes https://github.com/renovatebot/presets/issues/85
 2018-09-27 14:57:28 +02:00
Rhys Arkins
0e2947aa3f fix(followTag): jump unstable 
Fixes #2561
 2018-09-26 15:52:06 +02:00
Rhys Arkins
e4db4a4a35 fix(github): handle ‘empty’ repository properly 2018-09-25 08:50:47 +02:00
Rhys Arkins
2aa9c3c83d fix: try/catch branch prune 2018-09-24 21:22:34 +02:00
Rhys Arkins
ffc04a0203 fix(github): catch 409 empty 2018-09-24 20:02:57 +02:00
Rhys Arkins
08cf55e81f logs: branch/branchName 2018-09-24 11:47:49 +02:00
Rhys Arkins
9d46ca6dbd refactor: lower log levels 2018-09-23 07:26:06 +02:00
Rhys Arkins
fc9037a270 logs: correct depName/dependency 2018-09-20 12:13:18 +02:00
Klaus Meinhardt
e9e71f4c1d feat: followTag (#2538) 
If `followTag` is defined for a package, then Renovate will ignore all other available versions and instead stick strictly to whatever version is defined for the tag. npm-only for now.

Closes #2258
 2018-09-19 09:59:33 +02:00
Rhys Arkins
4b3c2d23ac
feat: combine tmp storage (#2533) 
Renovate will now put all its data in `path.join(os.tmpdir(), '/renovate’);` and will instruct npm and yarn to do the same. To force Renovate to use a specific folder, set `process.env.TMPDIR` when running. The previous variable `RENOVATE_TMPDIR` is now deprecated and will be rewritten to TMPDIR.

Closes #1794
 2018-09-18 05:26:09 +02:00
Rhys Arkins
7599fc8380 fix: ensure directories exist 2018-09-17 15:08:45 +02:00
Rhys Arkins
1d39525749 fix: better digest skip detection 2018-09-17 14:35:44 +02:00
Rhys Arkins
968d166ae5 logs: log localDir 2018-09-17 14:28:58 +02:00
Rhys Arkins
0498015f65 refactor(docker): use 7 char short digests 2018-09-16 06:11:12 +02:00
Rhys Arkins
788d96e5e9 refactor: rename isUnmergeable to isConflicted 2018-09-14 20:02:51 +02:00
Rhys Arkins
1e48508079 fix(onboarding): correct merge conflict detection 
Use isUnmergeable and not canMerge

Closes #2524
 2018-09-14 19:52:04 +02:00
Rhys Arkins
58d5483e7b feat: changelogUrl 
Allows static configuration of custom changelog URLs per npm package, which will then be displayed in PR bodies.

Closes #2520
 2018-09-14 06:55:38 +02:00
Rhys Arkins
dda0bade29
refactor: use single localDir per repo (#2505) 2018-09-12 06:30:01 +02:00
Rhys Arkins
2ce75cdbf1 refactor(composer): reuse localDir for lockfile generation 2018-09-10 15:58:24 +02:00
Rhys Arkins
ccffdaf712 fix: throw error up if no disk space 2018-09-08 07:16:05 +02:00
Rhys Arkins
81818195b7 refactor: separate lockFileMaintenance per-package file 
Closes #2464
 2018-09-07 09:26:43 +02:00
Rhys Arkins
74b34cda93 chore: move updateTypes def 2018-09-07 08:44:58 +02:00
Rhys Arkins
e5e303f46f logs: fix branches debug 2018-09-07 08:44:20 +02:00
Rhys Arkins
88c6a48b2a logs: less debug 2018-09-05 15:04:18 +02:00
Rhys Arkins
2e78f515d1 logs: lower debug 2018-09-05 14:45:52 +02:00
Rhys Arkins
4539487d26 refactor: less logging 2018-09-05 14:18:31 +02:00
Rhys Arkins
80463651ca feat: logger err serializer 
Include body, message and stack with every error if present
 2018-09-05 10:32:53 +02:00
Rhys Arkins
4a0b3cf83e fix: move cleanRepo to finally 2018-09-05 06:31:25 +02:00
Rhys Arkins
ef70c48d4b fix: sort dependencies by name in PRs 
Remove randomness
 2018-09-04 06:30:47 +02:00
Rhys Arkins
0e0d050884 refactor: include releases only if there’s an update 2018-08-29 11:13:45 +02:00
Vladimir Starkov
608d8c5be0 feat: Bitbucket Cloud support 
Adds platform support for Bitbucket cloud.

Closes #136, Closes #2238
 2018-08-29 07:30:23 +02:00
Rhys Arkins
5fb9d77bba
feat: separate groups into major/minor/patch (#2426) 
Previously if grouping, all major/minor updates within that group were combined into one. Instead, we now honour the “separateMajorMinor”, "separateMinorPatch", and "separateMultipleMajor" settings and keep the groups separate if necessary.

For maximum compatibility with existing PRs, we name branches like `renovate/group-name` whenever possible and only name them like `renovate/major-group-name` or `renovate/patch-group-name` if major or patch are found.

Closes #2425
 2018-08-27 06:25:17 +02:00
Rhys Arkins
154ff9e800 fix(logs): move autoclose log 2018-08-23 21:20:45 +02:00
Rhys Arkins
a9758dc77e refactor(logs): autoclosed 2018-08-23 20:37:52 +02:00
Rhys Arkins
bd5d7eedb8 refactor(logs): rename autoclose log 2018-08-23 20:16:12 +02:00
Rhys Arkins
516f60a2cf refactor: save dep homepage 2018-08-16 18:35:01 +02:00
Maximilian Gaß
7a1418ad6f fix(docker): exclude calico/node from being marked as Node.js (#2397) 
fix(docker): exclude calico/node from being marked as Node.js
 2018-08-16 15:46:19 +02:00
Rhys Arkins
d2885e5d9e fix: do not jump unstable versions implicitly 
If the current value is already unstable then we presume the user is happy to take newer unstable versions. However we should not presume that they want to keep jumping versions if so and instead would prefer to stabilise.

Discussed in #2258 but does not close it
 2018-08-15 09:40:10 +02:00
Rhys Arkins
103d8fbf68
feat: prettyDepType (#2376) 
Adds field prettyDepType available for templates, currently used for npm only. Allows for PR titles like “Update devDependency left-pad to v1.3.0” instead of default “Update dependency left-pad to v1.3.0”.

To enable in PR titles: add this configuration: `"commitMessageTopic": "{{prettyDepType}} {{depName}}”`

This is not enabled by default as otherwise it could lead to the reopening of previously manually-closed PRs.

Closes #2371, Closes #1863
 2018-08-11 11:24:38 +02:00
Maximilian Gaß
15ee7ab4ae fix: pinning digest of latest version (#2359) 
If the dependency already is the latest version, filteredVersions is
empty here, and then the early exit skips over the pinning code
 2018-08-11 10:03:57 +02:00
Rhys Arkins
a30972f6f6 refactor: info not warn when no fixedIn alert 2018-07-31 07:21:25 +02:00
Rhys Arkins
31f2f4c610 refactor: rename getDependency to getPkgReleases 2018-07-29 16:04:00 +02:00
Rhys Arkins
1da53671b8 feat: vulnerabilityAlertsOnly 
For use in new app
 2018-07-29 09:03:54 +02:00
Rhys Arkins
ac371e2a37
feat(github): vulnerability alerts (#2321) 
Adds rules to skip any configured grouping or schedules that prevent insecure packages from being updated immediately.

If GitHub's vulnerability alerts are detected, package rules are added to force empty schedule and grouping for each affected package. Settings are configurable via new `vulnerabilityAlerts` config object, e.g. so that custom PR titles, labels or assignees can be configured.

Closes #1567
 2018-07-29 06:35:25 +02:00
Rhys Arkins
0fa593d5ab feat: log github vulnerability alerts 2018-07-28 08:47:49 +02:00
Rhys Arkins
9555b27d9e fix(lookup): use major/minor/patch updateType instead of bump 
Helps https://github.com/renovatebot/config-help/issues/67 and https://github.com/renovatebot/config-help/issues/70#issuecomment-407595535
 2018-07-25 08:58:17 +02:00
Rhys Arkins
9064e0af62 fix(baseBranches): apply special branch and PR naming only when multiple 
baseBranch will be applied in PR title and in branch name only if there are more than one.

Closes #2306
 2018-07-23 16:40:30 +02:00
Rhys Arkins
dcd90827a1 refactor(onboarding): don’t @ me 2018-07-23 11:27:14 +02:00
Rhys Arkins
1ada8b7913 feat: improved onboarding description 
Adds description if onboarding PR is edited or conflicted. Removes config description if PR has been edited. Adds description of PR rate limiting.

Closes #1317, Closes #1684, Closes #1359
 2018-07-23 11:11:27 +02:00
Rhys Arkins
bd249c8a86 refactor(onboarding): simplify update text 
De-dupplicates text in the onboarding PR and makes it closer to what the theoretical commit message would be.

Closes #1315, Closes #2211
 2018-07-22 22:38:59 +02:00
Rhys Arkins
945353376b feat(onboarding): use <details><summary> 
Closes #2304
 2018-07-22 22:26:45 +02:00
Rhys Arkins
adf5b0d13a fix(onboarding): use platform getPrBody 2018-07-22 22:05:53 +02:00
Rhys Arkins
30334c2722 refactor(onboarding): consistent header depth 2018-07-22 22:05:39 +02:00
Rhys Arkins
6f868c83f2 refactor(lookup): return warnings object 2018-07-22 11:43:47 +02:00
Rhys Arkins
fa6e23f414 fix: deduplicate file matches 
Closes #2299
 2018-07-22 09:37:10 +02:00
Rhys Arkins
efa5edbdf3 fix(onboarding): delete onboarding PR branch if pr not found 2018-07-22 09:07:31 +02:00
Rhys Arkins
bb28ae27a2 fix: check for valid fromVersion before pinning 2018-07-22 08:05:21 +02:00
Rhys Arkins
14cbd68d42 feat: rollbackPrs 
Adds new config option `rollbackPrs` which defaults to `true` (current behaviour). Setting to false will disable creation of rollback PRs - configurable globally, per-language, per-package, etc.
 2018-07-22 06:49:04 +02:00
Rhys Arkins
cffef4f1b4 logs: debug rollback versions, not info 2018-07-22 06:32:17 +02:00
Rhys Arkins
a0e2a18e7a
refactor(docker): rename docker manager to dockerfile (#2298) 
"docker" in config now refers to the Docker "language", which is the parent of dockerfile, docker-compose and circleci managers.
 2018-07-21 19:40:50 +02:00
Rhys Arkins
7066a5dd99 fix(docker): use tag suffix when looking up new digest 2018-07-21 10:47:29 +02:00
Rhys Arkins
2af433094c fix(github): treat 401 Bad Credentials as platform failure 2018-07-21 08:38:13 +02:00
Rhys Arkins
482892042a fix(docker): filter out failed digest lookups 2018-07-20 18:59:30 +02:00
Rhys Arkins
2635b234c7 refactor: don’t warn if no versions found 2018-07-20 10:03:18 +02:00
Rhys Arkins
7254b5f16c
feat: use generic lookup for docker (#2280) 
Removes custom Docker lookup code and instead integrates it with the generic lookup routine used by other package managers. Logic for digest support was added but is used by Docker-only for now.

Closes #2081, Closes #2276
 2018-07-20 09:09:01 +02:00
Rhys Arkins
449f72131b fix: better enabled/disabled/onboarding/unknown status 2018-07-19 08:54:15 +02:00
Rhys Arkins
5cb03c94ae fix: log stack trace for unknown errors 2018-07-17 12:18:28 +02:00
Rhys Arkins
b77fbeaec9 fix: replace vv in commitMessage 2018-07-17 08:24:43 +02:00
Rhys Arkins
cddd9cd858 feat: raise prs with lock file warning 
Raises PRs and includes warning if lock file updates fail and release timestamp is greater than a day old.

Closes #2233
 2018-07-14 08:14:02 +02:00
Rhys Arkins
e83cb0a9c2 feat: skip schedule for pin dependencies PRs 
Pin dependencies PRs can hold up other PRs, so should not be restricted by configured schedules.

Relevant to https://github.com/renovatebot/config-help/issues/64
 2018-07-13 06:58:39 +02:00
Rhys Arkins
ca23927735 feat: pin PRs should only block necessary PRs 
Previously if there were any “pin” updates then that would block all non-pin updates until the pin one was merged. However, this doesn’t make sense if the other PR is for an unrelated dependency.

Closes https://github.com/renovatebot/config-help/issues/64
 2018-07-13 06:48:52 +02:00
Rhys Arkins
ee4132fd14 refactor: if/else with return 2018-07-09 11:28:42 +02:00
Rhys Arkins
11c4741271 refactor: fix import order 2018-07-09 11:15:06 +02:00
Rhys Arkins
ae7aecac95 fix: setNpmrc after resolveConfig 2018-07-06 17:04:40 +02:00
Rhys Arkins
42145e60fc refactor: log npmrc 2018-07-06 16:56:29 +02:00
Rhys Arkins
9616fab1af fix: delete bloat from updateConfig 2018-07-06 07:14:26 +02:00
Rhys Arkins
80c6ca1e72 fix: don’t discard updateTypes rules before they’re applied 2018-07-06 06:43:02 +02:00
Rhys Arkins
2d4aa131a3 fix: empty packageRules after applying to update 2018-07-05 22:23:48 +02:00
Rhys Arkins
9521b08b03 refactor: use isSingleVersion in template instead of isRage 
Refactors template logic to test for isSingleVersion instead of the negative of isRange. This means that new values like `==1.2.0` in python will be presented as v1.2.0
 2018-07-05 21:11:58 +02:00
Rhys Arkins
d4f2572651 fix: assign config.force after every mergeChildConfig 2018-07-05 18:55:00 +02:00
Rhys Arkins
16d88aee4c feat: ignoreDeprecated 
Renovate now ignores any upgrades that are marked as deprecated, unless the current version is itself also deprecated. The new config option `ignoreDeprecated` can be set to false to disable this if necessary.

Closes #1988
 2018-07-05 15:10:50 +02:00
Rhys Arkins
7c0a17e9d0 feat: group together deprecation warnings 
Previously, deprecation warnings were done as part of dependency lookups, which were run concurrently. This meant the chance of duplicate issues was high, due to race conditions. Instead, raising the issues is done once all package are looked up, to ensure only one issue per manager/dependency. It also means we can list all of the affected package files, in case of a monorepo.

Closes #2224, Closes #2225
 2018-07-05 14:23:28 +02:00
Rhys Arkins
0144bac228 fix: force config after each package rules apply 2018-07-05 12:37:46 +02:00
Rhys Arkins
5ea6955aac fix: don’t reuse lock files in branch if any updates are lock file maintenance 2018-07-05 12:06:55 +02:00
Rhys Arkins
24a89a775b
feat(npm): deprecation warnings (#2222) 
Raises a deprecation warning issue per-dependency. Uses logic that if latest version is deprecated then the package is deprecated.

Closes #1592
 2018-07-05 09:16:53 +02:00
Rhys Arkins
8a8890f82f feat: support updateType=bump 
Refactors updateType logic so that a type of “bump” is returned when bumping versions within existing ranges, instead of minor or major. Updates that fall *outside* the existing range will continue to be labeled as minor or major as appropriate.

This value can now be used within packageRules, e.g.

```
  “updateTypes”: [“bump”],
  “labels”: [“bumped version only”]
```

Closes #1942
 2018-07-04 10:26:31 +02:00
Rhys Arkins
ebbd417e47 chore: prettier 2018-07-04 10:21:41 +02:00
Rhys Arkins
fb6271e4f7 refactor: rename update.type -> update.updateType 2018-07-04 10:11:53 +02:00
Rhys Arkins
d8667619d8 fix(npm): move ignoreNpmrcFile logic out of mirror mode 
Logic to automatically ignoreNpmrcFile=true when npmrc found was in the wrong location.
 2018-07-03 13:51:59 +02:00
Rhys Arkins
b2cecc38da logs: print versions when rolling back 2018-07-03 11:49:19 +02:00
Rhys Arkins
7c99089b6a logs: debug ignoring npmrc files 2018-07-02 20:26:11 +02:00
Rhys Arkins
83bf162949 fix: automerge only if every upgrade in branch is automerge 
When generating a branch’s config, iterate through all upgrades and set automerge=true for the branch only if all upgrades have automerge=true. Similarly, set canBeUnpublished=true if ANY upgrade can be unPublished.

Closes #1999
 2018-07-02 07:43:21 +02:00
Rhys Arkins
c1bd2197e2 refactor: use res object for lookup 2018-07-01 07:53:26 +02:00
Rhys Arkins
01ccb03b94 feat: massage docker Node.js branches 
Manually finds and massages node updates in Docker, Docker Compose and Circle CI so that they should take on the same “renovate/node-8.x” style branch naming. The goal is to unify all node updates into a single branch.
 2018-06-29 06:55:42 +02:00
Rhys Arkins
645ec7f171 fix: add releaseTimestamp to update 2018-06-28 10:52:56 +02:00
Rhys Arkins
6e0c6affdc logs: setMeta repository before handling error 2018-06-28 10:38:25 +02:00
Rhys Arkins
a3043c47ec feat: log warning if lock file error persists for 1 day 
Raises an additional log file warning whenever lock file errors persist for a day or longer. The idea of this is that temporary errors - e.g. caused by npmjs itself - should not disturb the user. 1 day seems like a reasonable time for multiple attemps to be made first, assuming it has been scheduled. Once this is tested in production for a little while and no unexpected problems, it will be converted to actually raise a config warning issue in the repo to get user attention.
 2018-06-28 10:17:17 +02:00
Rhys Arkins
edb67e6083 refactor: add latest releaseTimestamp to config 2018-06-28 09:54:31 +02:00
Rhys Arkins
57249e105b
feat: pass gitAuthor to platform during init (#2183) 
Refactors platforms to take the admin-only `gitAuthor` and `gitPrivateKey` values during repository initialisation instead of during file commits.
 2018-06-27 18:40:54 +02:00
Rhys Arkins
74d567897c fix: apply packageRules after merging upgrade type settings 
Fixes #2180
 2018-06-27 07:14:41 +02:00
Rhys Arkins
53b6050017
feat: force, forceCli (#2145) 
Adds config options force and forceCli. These cover the use case where a certain setting is desired to be forced by the bot admin, regardless of repository config, for example removing all configured schedules in order to force PR creation.

Closes #1731
 2018-06-21 10:23:59 +02:00
Rhys Arkins
163bad03c9 fix: catch JSON.parse error for renovate config 2018-06-20 19:11:57 +02:00
Rhys Arkins
eb21abf118 feat: flatten nested packageRules after resolving 
This solves the problem of nested packageRules, such as when a paths-based rule is used to extend a preset that itself includes packageRules.

Closes https://github.com/renovatebot/config-help/issues/58
 2018-06-20 14:57:05 +02:00
Rhys Arkins
ddf479dec3 fix(onboarding): Correct onboarding “merged or closed” statement 2018-06-16 09:58:14 +02:00
Rhys Arkins
4ccbc20bc1
fix: match current version (#2135) 
fix: match current version
 2018-06-16 09:28:11 +02:00
Rhys Arkins
124807974a feat(nuget): support changelogs 
Refactors nuget lookups to use generatic logic and fill in repositoryUrl to enable changelogs.
 2018-06-14 15:52:37 +02:00
Rhys Arkins
c9f7b74bc7 refactor: add releases to lookupUpdates return 2018-06-12 06:53:56 +02:00
Rhys Arkins
db45e5cc71 refactor: push repositoryUrl down 2018-06-12 06:47:43 +02:00
Rhys Arkins
5166b86a1b refactor: lookupUpdates return object not array 2018-06-12 06:45:57 +02:00
Rhys Arkins
688ec14b6a refactor: datasource return array of releases 2018-06-11 14:28:50 +02:00
Rhys Arkins
45d0dcf492 fix: pass auto’d rangeStrategy to getNewValue 
Closes #2111
 2018-06-11 05:52:46 +02:00
Rhys Arkins
01d2fb3bca
feat: datasource wrapper (#2100) 
Adds a wrapper to all datasources to provide a generic purl-based interface.
 2018-06-08 10:49:08 +02:00
Ayoub Kaanich
697b80aaf0 feat: composer exact semver support (without lockfile updates) (#1993) 
This PR adds the packagist datasource plus basic exact semver Composer support. Composer lockfile updating is not yet supported.
 2018-06-08 06:15:13 +02:00
Rhys Arkins
5fd996c9cc refactor: use isSingleVersion not isRange 2018-06-06 12:25:10 +02:00
Rhys Arkins
603b77799b
feat: refactor unpublishSafe for multiple package managers (#2090) 2018-06-06 11:04:54 +02:00
Ayoub Kaanich
f283104988 feat: use purl for pip requirements (#2067) 2018-06-05 11:26:08 +02:00
Rhys Arkins
96b4788697 tests: fix coverage 2018-06-05 11:22:21 +02:00
Rhys Arkins
bc652673ba fix: properly handle null rollback 2018-06-05 10:48:38 +02:00
Rhys Arkins
05260a5b16 refactor: remove semver dependency from github datasource 
Instead, perform isVersion filter in lookup
 2018-06-05 08:15:11 +02:00
Rhys Arkins
98e9198c8e refactor: replace indexOfs 2018-06-04 20:44:32 +02:00
Connor Brathwaite
398303235b (refactor): delegate generic predicate checking to @sindresorhus/is (#2021) 
Closes #1764
 2018-06-04 20:07:22 +02:00
Rhys Arkins
9fbaf9a3ca fix: unpublishable / unpublishSafe 
Corrected logic mistake and renamed unpublishable (internal) to canBeUnpublished to make it easier to follow logic.

Closes #2080
 2018-06-04 14:56:47 +02:00
Rhys Arkins
0aaee7bd82 refactor: simplify lookup 2018-06-04 12:23:21 +02:00
Rhys Arkins
c21029ecbb
refactor: rename some versioning interface (#2078) 
isPinnedVersion -> isVersion
rangify -> getNewValue
 2018-06-04 06:03:21 +02:00
Rhys Arkins
d8cb261ecb
refactor: rename version -> value (#2076) 
Renames currentVersion to currentValue, newVersion to newValue, newVersionMajor to newMajor, and newVersionMinor to newMinor.
 2018-06-04 05:48:20 +02:00
Ayoub Kaanich
ec53ef78e9 refactor: lookup use versioning wrapper 2018-06-03 18:08:32 +02:00
Rhys Arkins
0523a6ef99 refactor: simplify filterVersions 2018-06-03 16:45:34 +02:00
Rhys Arkins
527c355b48
refactor: move getRangeStrategy to manager (#2072) 2018-06-03 14:25:05 +02:00
Rhys Arkins
dd09707c20 refactor: default versionScheme to ‘semver’ 2018-06-03 07:43:09 +02:00
Rhys Arkins
5a8c9f57f6 logs: info not warn for no rollback 2018-06-01 17:51:14 +02:00
Rhys Arkins
784a0598b9 refactor: use options for github datasource 2018-06-01 15:32:17 +02:00
Rhys Arkins
bc7728f1d2 refactor: use purl.parse 2018-06-01 14:48:49 +02:00
Rhys Arkins
d02914fd3b tests: update test for repositoryUrl 2018-06-01 10:11:42 +02:00
Rhys Arkins
e39cc9a584
feat: use purl for package lookups (#2041) 2018-06-01 09:02:51 +02:00
Rhys Arkins
54e4733ca5 refactor: fetch return if skipReason present 2018-05-31 21:02:07 +02:00
Rhys Arkins
d6132ff634 fix: flatten only if updates are present 2018-05-31 20:53:29 +02:00
Rhys Arkins
a8bcd004dd logs: fix fileCount 2018-05-31 13:07:09 +02:00
Rhys Arkins
d71639bbf8 refactor: fetch array or object 2018-05-29 10:27:41 +02:00
Rhys Arkins
7b149df595 logs: less debug 2018-05-28 22:25:33 +02:00
Rhys Arkins
2610015467 fix: abort repository when lockfile error 2018-05-24 16:28:36 +02:00
Rhys Arkins
d45f957cfd refactor: defer isX upgrade classifications 2018-05-21 17:20:41 +02:00
Rhys Arkins
2f1e1a979a fix: Revert "feat: permission check in initRepo (#1983)" 
This reverts commit 09978ae8dd.
 2018-05-19 09:15:10 +02:00
Dragomir Țurcanu
09978ae8dd feat: permission check in initRepo (#1983) 
Added permission checking on `initRepo` which, in case of an error, throws a clear message (`The token doesn't have the write permissions to the repository`)

Closes #509
 2018-05-19 08:33:41 +02:00
Rhys Arkins
7f4cb4aa57
feat: rangeStrategy (#1954) 
This PR replaces the existing `pinVersions`, `upgradeInRange` and `versionStrategy` settings with a single one: `rangeStrategy`.

Previously:
 - `pinVersions` could be `true` or `false`, but defaulted to `null`, which meant that Renovate would decide. `true` meant that Renovate would replace existing ranges like `^1.0.0` with an exact/pinned version such as `1.2.0`.
 - `upgradeInRange` could be true or false, default to false. If `true`, it would mean Renovate would replace an existing range like `^1.0.0` with something like `^1.2.0`
 - `versionStrategy` could be `replace` or `widen` and was mainly used for `peerDependencies` to widen existing ranges, e.g. from `^1.0.0` to `^1.0.0 || ^2.0.0`

It was possible to set conflicting settings, e.g. configuring `pinVersions=true` and `upgradeInRange=true`.

Now, we combine them into a single setting: `rangeStrategy`:
 - `auto` = Renovate decides (this will be done on a manager-by-manager basis)
 - `pin` = convert ranges to exact versions
 - `bump` = same as `upgradeInRange` previously, e.g. bump the range even if the new version satisifies the existing range
 - `replace` = Same as pinVersions === false && upgradeInRange === false, i.e. only replace the range if the new version falls outside it
 - `widen` = Same as previous versionStrategy==='widen'
 2018-05-17 07:16:13 +02:00
Rhys Arkins
407b302cfe logs: info not warn for no packageFile content 2018-05-16 08:50:30 +02:00
Rhys Arkins
791f31b9ac fix: handle null content returned for package file 2018-05-16 06:37:26 +02:00
Rhys Arkins
4f5896c908 refactor: monorepo -> internal-package 2018-05-15 13:46:41 +02:00
Rhys Arkins
409cd4adde refactor: monorepoPackages -> internalPackages 2018-05-15 07:21:10 +02:00
Rhys Arkins
2b2b1d92ab logs: packageFiles -> config 2018-05-14 07:56:17 +02:00
Rhys Arkins
69b264cf01 fix(npm): don’t read npmrc files if ignoreNpmrcFiles=true 2018-05-13 23:06:27 +02:00
Rhys Arkins
ebe9607d79 fix(npm): npmrc/ignoreNpmrc logic 2018-05-13 22:04:06 +02:00
Rhys Arkins
49bbcd48e8 fix(onboarding): rebase existing content 
# Conflicts:
#	lib/workers/repository/onboarding/branch/rebase.js
 2018-05-13 14:43:07 +02:00
Rhys Arkins
8ca30e5b92 fix: use getBranchPr not findPr for onboarding 
This allows for the case where the user renames the PR.
 2018-05-11 17:59:30 +02:00
Rhys Arkins
6f583ab0e6 fix(presets): set npmrc after first decrypt 
In case the renovate config has a npmrc in it that is used to decrypt a preset.
 2018-05-11 15:43:14 +02:00
Rhys Arkins
680a0bc193 fix: don’t fetch .npmrc in initApis 
It will be fetched if there is a package.json anyway
 2018-05-10 21:03:25 +02:00
Rhys Arkins
eccef72b52 fix(npm): restore autodetect pinVersions 2018-05-09 18:17:11 +02:00
Rhys Arkins
4791742060 fix: close configuration issue 2018-05-09 18:03:48 +02:00
Rhys Arkins
3989d47f76 fix: re-enable semantic commit detection 2018-05-09 14:38:17 +02:00
Rhys Arkins
407f8fc576 refactor: drop key after decrypt 2018-05-09 13:43:23 +02:00
Rhys Arkins
43ac21778f logs: decrease debugging 2018-05-09 13:31:04 +02:00
Rhys Arkins
66804bf211 logs: drop excessive debug 2018-05-09 13:26:16 +02:00
Rhys Arkins
d75a220008 fix: filter out disabled updates 2018-05-09 11:37:35 +02:00
Rhys Arkins
9fe651bca9 logs: drop unnecessary flatten debugs 2018-05-09 10:14:35 +02:00
Rhys Arkins
ecdcd9df4f
feat: refactor dependency extraction (#1912) 
Rewrite of dependency extraction, particularly for npm. Paves way for easier addition of new package managers.

Closes #1882
 2018-05-09 08:03:59 +02:00
Rhys Arkins
9ffd0abda1 refactor: replace stringify/parse with fast-clone 2018-05-07 21:50:40 +02:00
Rhys Arkins
812fe227b8 fix(onboarding): adjust packageFiles check when filtering 2018-05-07 20:14:00 +02:00
Rhys Arkins
ad16528fa0 fix: don’t debug branches when sorting 2018-05-07 13:21:46 +02:00
Rhys Arkins
2517c9f1d9
refactor: renovateRepository split (#1928) 2018-05-07 12:59:32 +02:00
Rhys Arkins
6431cf6861 refactor: move sortBranches 2018-05-07 07:59:53 +02:00
Rhys Arkins
c0c935963e refactor: remove null onboarding case 2018-05-07 07:55:49 +02:00
Rhys Arkins
4a4feb35ab refactor: pass branches explicitly to repo onboarding 2018-05-07 07:02:08 +02:00
Rhys Arkins
7189f4682f refactor: simplify repo init 2018-05-07 06:47:17 +02:00