Skip to content
Snippets Groups Projects
Select Git revision
  • 959e3943f9a9711207de85eabbfff0d09919d88a
  • main default protected
  • next
  • renovate/main-redis-5.x
  • chore/update-static-data
  • feat/gnupg
  • fix/36615b-branch-reuse-no-cache
  • chore/punycode
  • refactor/pin-new-value
  • feat/36219--git-x509-signing
  • feat/structured-logger
  • hotfix/39.264.1
  • feat/skip-dangling
  • gh-readonly-queue/next/pr-36034-7a061c4ca1024a19e2c295d773d9642625d1c2be
  • hotfix/39.238.3
  • refactor/gitlab-auto-approve
  • feat/template-strings
  • gh-readonly-queue/next/pr-35654-137d934242c784e0c45d4b957362214f0eade1d7
  • fix/32307-global-extends-merging
  • fix/32307-global-extends-repositories
  • gh-readonly-queue/next/pr-35009-046ebf7cb84ab859f7fefceb5fa53a54ce9736f8
  • 41.62.4
  • 41.62.3
  • 41.62.2
  • 41.62.1
  • 41.62.0
  • 41.61.1
  • 41.61.0
  • 41.60.4
  • 41.60.3
  • 41.60.2
  • 41.60.1
  • 41.60.0
  • 41.59.2
  • 41.59.1
  • 41.59.0
  • 41.58.2
  • 41.58.1
  • 41.58.0
  • 41.57.1
  • 41.57.0
41 results

use-cases.md

Blame
    • user avatar
    docs: add link to key-concepts/automerge (#11637)
    HonkingGoose authored and GitHub committed
    40d7d2cd
    History
    user avatar 40d7d2cd
    History
    use-cases.md 8.70 KiB

    Use Cases

    This page describes some common use cases for Renovate, for those who are new and would like to get their heads around the capabilities.

    Development dependency updates

    The original use case, and still the most popular one, is for developers to automate dependency updating in their software projects.

    Updating of package files

    The term "package file" is used to describe files which contain lists of dependencies, managed by a "package manager". Example package files include package.json (managed by npm or Yarn), Gemfile (managed by Bundler), or go.mod (managed by go modules).

    Renovate will scan repositories to detect package files and their dependencies, look up if any newer versions exist, and then raise Pull Requests for available updates. The Pull Requests will patch the package files directly, and include Release Notes for the newer versions if they are available.

    By default, there will be separate Pull Requests per dependency, and major updates will be separated out from non-major.

    Package managers with lock files

    Many package managers today support "lock files", which serve to freeze the entire dependency tree including transitive dependencies. Such managers include npm, Yarn, Bundler, Composer, Poetry, Pipenv, and Cargo.

    When lock files exist, it's essential that any changes to package files are accompanied with a compatible change to the associated lock file. Although Renovate can patch/update package files directly, a package manager's lock file is typically too complex to "reverse engineer" so therefore Renovate will rely on the package manager itself to perform the lock file update. Here is a simplified example:

    • The repository has a package.json and package-lock.json containing version 1.0.0 of a dependency
    • Renovate determines that version 1.1.0 is available
    • Renovate patches the package.json to change the dependency's version from 1.0.0 to 1.1.0
    • Renovate then runs npm install, which triggers npm to update the package-lock.json accordingly
    • Renovate then commits both the package.json and package-lock.json files together for the PR

    Custom dependency extraction

    Renovate supports 60+ different types of package files natively, but sometimes dependencies will not be detected by Renovate by default due to either:

    • The package manager/file format is not yet supported, or
    • The file format is not a standard or is completely proprietary

    In such cases, Renovate has a "regex" manager which you can configure with custom patterns to extract dependencies regardless. Users can configure the regex manager by telling it:

    • Which file pattern(s) to match
    • How to identify the dependency name and version from within the file
    • Which datasource (e.g. Docker registry, npm registry, etc) to use to look up new versions

    The end result is that Renovate can keep dependencies in custom file formats up-to-date as long as the dependency datasource is already known to Renovate.

    DevOps tooling

    Renovate is increasingly used for purposes which are traditionally described as DevOps instead of Developer.