renovate
renovate | renovate | |
---|---|---|
12 | 115 | |
- | 15,794 | |
- | 2.1% | |
- | 10.0 | |
- | 3 days ago | |
TypeScript | ||
- | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
renovate
-
Understanding Mend Renovate's Pull Request Workflow
Navigate to the Mend Renovate App on the GitHub Marketplace: https://github.com/apps/renovate.
-
:latest or :version for supporting services?
You commit your docker-compose.yml file(s) to a GitHub repo (don't commit secrets!!), then add the Renovate App to your repo, merge the onboarding PR, then you'll get PRs when an image is updated.
-
Renovate app vs Github Action
I can't figure out and my google-fu is failing but what is the difference between using the Renovate App [https://github.com/apps/renovate] and using the Action [https://github.com/renovatebot/github-action]
-
Automatically Updating Helm Chart Referenced in Argo CD Using Renovate - Part 2
renovate[bot] posted on May 05, 2023
-
How can I get all the repositories for which an app/bot is installed?
I want to gather some statistics to see for example how many repositories have installed Renovate: https://github.com/apps/renovate
-
Axios shipped a buggy version and it broke many productions apps. Let this be a lesson to pin your dependencies!
Use a dependency updater like dependabot or https://github.com/apps/renovate.
-
Automating Dependency Management Using Renovate
On the GitHub Marketplace, search for the Renovate app and click install. Select the organization or account where you wish to install Renovate. Next, choose whether to install Renovate across all of your repositories or just one particular one. We will only select one repository in this article.
-
Renovate, a Dependabot alternative
It's a breeze to set up Renovate on your repositories. Just browse the GitHub Renovate app and click on the big gree Install button in the top right corner. Choose which organization and which repositories you'll install Renovate in.
-
A cutting edge guide to maintaining your open source project
Firstly, you'd want to integrate Renovate with your GitHub account from here. Then click install, and follow the steps as instructed. While configuring, Renovate lets you decide, if it should run on all the repositories by default or to run on only on specified repositories, select the option as you wish (Note: If you'd want, Renovate to run on forked repositories, Selecting All repositories would skip forked repos by default, in such cases, you'd want to manually add the forked repo(s)). Soon after setting up Renovate with the required repositories, an onboarding PR is submitted by the Renovate bot which contains information like configuration summary and what packages/dependencies are supposed to be upgraded. For demonstration purposes, I've forked a repo from my GitHub account that is supposedly a mobile application built on React Native, which is no longer maintained, so it'd serve as a good example to test on. If you follow the above steps correctly, you should see an onboarding PR similar to this:
-
5 developer tools for detecting and fixing security vulnerabilities
Setting up Renovate is a matter of installing the hosted app, and configuring it by adding a renovate.json in the root of the repository. You can also install and run the Renovate CLI tool to get feedback on all your commits.
renovate
-
💡Automatic Deployment of your project dependencies updates on GCP : Efficiency vs. Cost?
This month, I gave a talk with my Zenika colleague Lise at the DevoxxFR conference about Renovate and Dependabot, two great tools to help you automatize and upgrade your dependencies.
-
How use Renovate Bot on self-hosted GitLab
There is no built-in Renovate Bot on a self-hosted GitLab. What can we do to set it up and enjoy all the benefits of automatic dependency updates?
-
Self-Hosted Is Awesome
> Yes, it is awesome until you have to sysadmin it, apply updates, patch it, fix security holes, etc. I am not saying all self-hosted solutions are like that. There are exceptions. However, the majority of open-source self-hosted solutions require a lot of extra work.
I'm currently self-hosting 10 different applications on my local server, which represents everything I've ever seen that looked fun or useful to me. Every one of them had a Docker image with an example compose file, which means updating them just requires periodically running Renovate [0] on the repo that stores all my compose files and then running a script that docker compose pulls the updates. It takes maybe 10 minutes every other week, and is actually kinda fun.
It helps that all the apps are only accessible from within my VPN, so I'm not too worried about fixing security updates within a tiny time window.
[0] https://github.com/renovatebot/renovate
-
Why I recommend Renovate over any other dependency update tools
This is a big deal! Where did you read this? I found:
https://github.com/renovatebot/renovate/discussions/26917
-
Locally test and validate your Renovate configuration files
Renovate is an automated dependency management tool that can be used to keep your dependencies up-to-date. It can be configured to automatically create pull requests to update your dependencies, and it supports a wide range of package managers and platforms.
-
Understanding Mend Renovate's Pull Request Workflow
To get started with Mend Renovate, the comprehensive official documentation provides detailed instructions on installation, configuration, and best practices. Additionally, the Mend Renovate community forum offers a platform for users to connect, share experiences, and access the collective knowledge base.
-
Unfork with ArgoCD
It is a good practice to keep software up to date. To track changes in upstream software, we can utilize automatic dependency tracking systems such as Dependabot or Renovate. This is a broad topic and requires a separate article to be covered. If you would like to read about it, please vote in the comments section below.
- 🦊 GitLab CI YAML Modifications: Tackling the Feedback Loop Problem
-
Evaluating New Software Forges
So do other forges: I have Renovate [0] set up on my self-hosted Forgejo and it's worked great so far.
[0] https://github.com/renovatebot/renovate
-
Long Term Ownership of an Event-Driven System
You can ease some of the burden for yourself though using tooling. If you are using GitHub, dependabot can be configured to make automatic PRs to your repo whenever there are dependencies to update. If you're not a GitHub user, you can use renovate which even supports self hosting.
What are some alternatives?
snyk - Snyk CLI scans and monitors your projects for security vulnerabilities. [Moved to: https://github.com/snyk/cli]
dependabot-core - 🤖 Dependabot's core logic for creating update PR's.
github-actions-and-renovate
dependabot
up-to-date-react-template - â™» An Always up-to-date React template with Typescript, Jest, Prettier, Github Actions and Renovate
scala-steward - :robot: A bot that helps you keep your projects up-to-date
opentelemetry-tracing - Demo for end-to-end tracing via OpenTelemetry
updatecli - A Declarative Dependency Management tool
renovate-runner
create-react-app - Set up a modern web app by running one command.
bitbucket-branch-source-plugin - Bitbucket Branch Source Plugin