Automatically upgrade dependencies with Renovate. #140

bmarty · 2023-03-06T16:10:43Z

Since Dependabot does not support gradle catalog (yet), our dependencies are not updated and we are starting to get some vulnerability reports.

Renovate is another app which can do this work: https://github.com/renovatebot/renovate

install the app https://github.com/apps/renovate on the project.
The app should create a PR. Once merge, the app will start creating PR to upgrade or dependency.

If this is working properly, we may consider deactivating Dependabot to having duplication.

bmarty · 2023-03-07T14:02:20Z

Configuration is finished, we may iterate in the future. The tool has created this PR: #147 and I have tweaked configuration in the file renovate.json.

For ref, the tool has created a dashboard issue: #150 that I have pinned to the project.

bmarty · 2023-03-07T14:03:57Z

What's remaining is:

deactivate (or remove) Dependabot
update the documentation about Dependabot

For now I want to check that Renovate are creating all the PR that Dependabot used to create (but I think this will be the case)

bmarty self-assigned this Mar 6, 2023

bmarty closed this as completed Mar 7, 2023

bmarty added the Z-Setup label Mar 7, 2023

bmarty mentioned this issue Mar 7, 2023

Cleanup Dependabot now that we are using Renovate #177

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Automatically upgrade dependencies with Renovate. #140

Automatically upgrade dependencies with Renovate. #140

bmarty commented Mar 6, 2023 •

edited

Loading

bmarty commented Mar 7, 2023

bmarty commented Mar 7, 2023

Automatically upgrade dependencies with Renovate. #140

Automatically upgrade dependencies with Renovate. #140

Comments

bmarty commented Mar 6, 2023 • edited Loading

bmarty commented Mar 7, 2023

bmarty commented Mar 7, 2023

bmarty commented Mar 6, 2023 •

edited

Loading