evatoner v1.0.0
renovate
Keep npm dependencies up-to-date.
Why
- Creates or updates Pull Requests for each dependency that needs updating
- Discovers and processes all
package.jsonfiles in repository (supports monorepo architecture) - Supports multiple major versions per-dependency at once
- Configurable via file, environment, CLI, and
package.json - Supports
yarn.lockandpackage-lock.jsonfiles - Supports GitHub and GitLab
- Open source and can be self-hosted
GitHub App
Renovate is now available as a free GitHub "App". Go to https://github.com/apps/renovate to enable it now.
Install
$ npm install -g renovateAuthentication
You need to select a repository user for renovate to assume the identity of, and generate a Personal Access Token. It's recommended that you use a dedicated "bot" account for this to avoid user confusion.
You can find instructions for GitHub here (select "repo" permissions)
You can find instructions for GitLab here.
This token needs to be configured via file, environment variable, or CLI. See docs/configuration.md for details.
The simplest way is to expose it as GITHUB_TOKEN or GITLAB_TOKEN.
Usage
Run renovate --help for usage details.
Note: The first time you run renovate on a repository, it will not upgrade any dependencies. Instead, it will create a Pull Request (Merge Request if GitLab) called 'Configure Renovate' and commit a default renovate.json file to the repository. This PR can be close unmerged if the default settings are fine for you. Also, this behaviour can be disabled if you set the onboarding configuration option to false before running.
Deployment
See deployment docs for details.
Configuration
The Configuration and Configuration FAQ documents should be helpful.
Design Decisions
See design decisions doc for details.