Overview
Implement and configure Renovate bot to automatically manage dependencies by merging updates to the "next" branch and grouping non-major updates.
Description
We could implement Renovate bot to automate our dependency management process. The bot could be configured to target our "next" branch for all updates and group non-major updates together to reduce PR noise.
Requirements
- Automatically merge dependency updates to the "next" branch
- Group all non-major updates together in a single PR (Dependabot cannot do this)
- Separate major updates into individual PRs (due to potential breaking changes)
- Run on a regular schedule
Implementation Details
1. Base Configuration
Create a renovate.json file in the repository root:
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
"config:base"
],
"baseBranches": ["next"],
"labels": ["dependencies"],
"schedule": ["every weekend"],
"automerge": true,
"automergeType": "branch",
"platformAutomerge": true,
"major": {
"automerge": false
},
"dependencyDashboard": true,
"packageRules": [
{
"matchUpdateTypes": ["minor", "patch", "pin", "digest"],
"groupName": "all non-major dependencies",
"groupSlug": "all-minor-patch"
}
]
}2. GitHub Repository Settings
- Enable Renovate GitHub app on the repository
- Configure branch protection rules for the "next" branch to ensure CI passes before merging
- Set up required status checks that must pass before PR can be merged
3. Additional Configuration Options to Consider
- Custom labels for different types of dependency updates
- Configuring ignored dependencies (if any)
- Path-specific rules (if needed?)
- Custom commit message format
Expected Outcome
- Renovate will create grouped PRs for all non-major updates targeting the "next" branch
- These grouped PRs will be automatically merged if CI passes
- Major updates will be created as separate PRs requiring manual review
- A dependency dashboard issue can be maintained to track all updates
Testing Plan
- After implementation, verify Renovate creates PRs against the "next" branch
- Confirm that non-major updates are grouped together
- Verify that automatic merging works correctly
- Check that major updates are properly separated for manual review
Resources
Overview
Implement and configure Renovate bot to automatically manage dependencies by merging updates to the "next" branch and grouping non-major updates.
Description
We could implement Renovate bot to automate our dependency management process. The bot could be configured to target our "next" branch for all updates and group non-major updates together to reduce PR noise.
Requirements
Implementation Details
1. Base Configuration
Create a
renovate.jsonfile in the repository root:{ "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:base" ], "baseBranches": ["next"], "labels": ["dependencies"], "schedule": ["every weekend"], "automerge": true, "automergeType": "branch", "platformAutomerge": true, "major": { "automerge": false }, "dependencyDashboard": true, "packageRules": [ { "matchUpdateTypes": ["minor", "patch", "pin", "digest"], "groupName": "all non-major dependencies", "groupSlug": "all-minor-patch" } ] }2. GitHub Repository Settings
3. Additional Configuration Options to Consider
Expected Outcome
Testing Plan
Resources