Renovate config presets for Cognite.
Renovate is a tool that automates the process of keeping dependencies up-to-date, and gives better visibility into available dependency updates.
See Configuration Options for a complete list of possible options.
In order to start using Renovate Bot in your repository:
-
The Renovate GitHub App is enabled for all repositories in the
cognitedataorganization. Renovate will automatically create an onboarding PR that extends the default.json config preset in this repo. If Renovate is not enabled for your repo, or you are unable to find the onboarding PR, you can ask for help from@security-shieldin#help-securityon Slack. -
Make any manual changes to the config if you'd like.
If you have a lot of updates it might makes sense to whitelist updates (through Dependency Dashboard, see next bullet) before having lots of PRs. This can be done by adding the following to
renovate.json:{ "dependencyDashboardApproval": true } -
Merge the PR. Renovate will then create a special "Dependency Dashboard" issue that gives visibility into dependencies state, and will start create PRs for suggesting updates.
See https://app.renovatebot.com/dashboard
- Renovate can be configured with regex matches to update custom version references such as env tags in Dockerfile or custom scripts.
The preset files can be checked locally before pushing:
npm ci
./validate.sh