@ckatzorke/renovate
v37.302.0
Published
Automated dependency updates. Flexible so you don't need to be.
Downloads
11
Maintainers
Readme
Renovate
Automated dependency updates. Multi-platform and multi-language.
Why Use Renovate?
- Get automated Pull Requests to update your dependencies
- Reduce noise by running Renovate on a schedule, for example:
- on weekends
- outside of working hours
- each week
- each month
- Relevant package files are discovered automatically
- Supports monorepo architectures with workspaces with no extra configuration
- Bot behavior is customizable via configuration files (config as code)
- Use ESLint-like shared config presets for ease of use and simplifying configuration (JSON format only)
- Lock files are supported and updated in the same commit, including immediately resolving conflicts whenever PRs are merged
- Get replacement PRs to migrate from a deprecated dependency to the community suggested replacement, works with most managers, see issue 14149 for exceptions
- Open source (installable via npm/Yarn or Docker Hub) so can be self-hosted or used via the Mend Renovate App
Supported Platforms
Renovate works on these platforms:
- GitHub (.com and Enterprise Server)
- GitLab (.com and CE/EE)
- Bitbucket Cloud
- Bitbucket Server
- Azure DevOps
- AWS CodeCommit
- Gitea and Forgejo
- Gerrit (experimental)
Who Uses Renovate?
Renovate is widely used in the developer community:
Renovate OSS Insights
Renovate is built on a big community and actively invites and supports contributions. Information about our contributors and community can be found on OSS Insight.
Star History
The Renovate Approach
We believe everyone benefits from automation, whether it's a little or a lot. This means that Renovate:
- Adapts to your workflow
- Allows you to configure its behavior
- Will autodetect settings where possible
Using Renovate
Get started with Renovate by checking out our tutorial.
GitHub
We recommend that you use the Mend Renovate App. Install the Mend Renovate App now. More details on the Mend Renovate App installation.
Azure DevOps
There are two ways to run Renovate on Azure DevOps:
- Renovate Me extension
- Custom pipeline
Renovate Me extension
Go to the Visual Studio Marketplace and install the Renovate Me extension in your organization.
From there you can create a pipeline with the RenovateMe
task.
[!NOTE] This extension is created and maintained personally by a Renovate developer/user so support requests relating to the extension itself cannot be answered directly in the main Renovate repository.
Custom pipeline
You can create a custom pipeline with a yml
definition that triggers npx renovate
.
More details on how to configure the pipeline.
Bitbucket Cloud/Server, Forgejo, Gitea, GitLab
For Bitbucket Cloud, Bitbucket Server, Forgejo, Gitea and GitLab, use our self-hosting option.
Configuration
Go to our documentation website to learn how to configure Renovate. We have a full list of configuration options.
To get help with your configuration, go to the discussions tab in the Renovate repository and open a new "config help" discussion post.
Self-Hosting
To run your own instance of Renovate you have several options:
- Install the
renovate
CLI tool from npmjs, run it on a schedule (e.g. usingcron
) - Run the
renovate/renovate:full
Docker Hub image (same content/versions as the CLI tool), run it on a schedule - Run the
renovate/renovate:latest
Docker Hub image if you only use package managers that don't need third-party binaries (e.g. JavaScript, Docker, NuGet, pip)
More details on the self-hosting development.
Contributing
If you want to contribute to Renovate or get a local copy running, please read the instructions in contributing guidelines. To get started look at the list of good first issues.
Security / Disclosure
If you find any bug with Renovate that may be a security problem, then e-mail us at: [email protected]. This way we can evaluate the bug and hopefully fix it before it gets abused. Please give us enough time to investigate the bug before you report it anywhere else.
Please do not create GitHub issues for security-related doubts or problems.