mirror of https://github.com/renovatebot/renovate.git synced 2025-01-12 06:56:24 +00:00

Home of the Renovate CLI: Cross-platform Dependency Automation by Mend.io

azure-devops bitbucket dependencies dependencies-checking dependency-manager github gitlab npm package-management

Find a file

Rhys Arkins 79e9ce6d8f feat: pin npm dependencies using lock files When package-lock.json or yarn.lock files are present, and Renovate needs to “pin” any dependencies (e.g. after onboarding), it will use whatever version is in the lockfile rather than the latest version on npm js that satisfies the semver range. This should increase the chance that Pin Dependencies PRs pass tests, as it should use as close as possible dependencies as the previous time the lock file was committed to master. Thanks to @alexeagle for first suggesting this. Closes #1362		2018-01-26 10:18:40 +01:00
bin	docs: remove docs/configuration options	2018-01-11 10:49:21 +01:00
docs	docs: remove docs/configuration options	2018-01-11 10:49:21 +01:00
lib	feat: pin npm dependencies using lock files	2018-01-26 10:18:40 +01:00
test	feat: pin npm dependencies using lock files	2018-01-26 10:18:40 +01:00
website/docs/_posts	feat: verify status check (GitHub) (#1444 )	2018-01-25 13:36:21 +01:00
.editorconfig	Add editorconfig	2017-01-15 17:23:34 +01:00
.eslintignore	chore: fix eslint (#793 )	2017-09-13 21:43:52 +02:00
.eslintrc.js	chore: implement require-await eslint rule (#1095 )	2017-11-03 11:56:25 +01:00
.gitattributes	Add .gitattributes	2017-01-15 17:25:51 +01:00
.gitignore	feat: expose env to npmrc and npm/yarn/pnpm (#1407 )	2018-01-25 10:38:30 +01:00
.prettierignore	refactor: use prettier instead of eslint-plugin-prettier (#864 )	2017-10-01 07:06:06 +02:00
.travis.yml	chore: disable travis notifications (#1228 )	2017-11-23 13:11:45 +01:00
contributing.md	docs: remove docs/configuration options	2018-01-11 10:49:21 +01:00
license	Add license file	2017-01-15 17:27:41 +01:00
package.json	feat: pin npm dependencies using lock files	2018-01-26 10:18:40 +01:00
Procfile	fix: Heroku Procfile should use start and not start-raw	2017-11-01 15:28:07 +01:00
readme.md	fix: update readme and bump version	2018-01-22 14:28:58 +01:00
yarn.lock	feat: pin npm dependencies using lock files	2018-01-26 10:18:40 +01:00

readme.md

Renovate

Automated dependency updates. Flexible, so you don't need to be.

Why Use Renovate?

Receive automated Pull Requests whenever dependencies need updating. Or whenever you schedule it for.
Renovate discovers and processes all dependency files in a repository (e.g. supports monorepo architecture such as lerna or yarn workspaces)
Extremely customisable behaviour via configuration files or within your package.json
Use eslint-like shared config presets for ease of use and simplifying configuration
Update lock files natively in the same commit, including immediately resolving conflicts whenever PRs are merged
Supports GitHub, GitLab (APIv4) and VSTS. BitBucket is a WIP.
Open source (installable via npm/yarn) so can be self-hosted or used for free via GitHub App

The Renovate Approach

Everyone can benefit from automation, whether it's a little or a lot
Renovate should not cause you to change your workflow against your wishes - don't enforce opinions on users
All behaviour should be configurable, down to a ridiculous level if desired
Autodetect settings wherever possible (to minimise configuration) but always allow overrides

Using Renovate

The easiest way to use Renovate if you are on GitHub is to enable the free Renovate app. Go to https://github.com/apps/renovate to enable it now.

Configuration

The Configuration and Configuration FAQ documents should be helpful.

You can also raise an issue in https://github.com/renovateapp/config-help if you'd like to get your config reviewed or ask any questions.

Self-Hosting

If you are not on GitHub or you prefer to run your own copy of Renovate, then it takes only seconds to set up. Please see docs/self-hosting.md for instructions.