Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Configure Renovate #1

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Configure Renovate #1

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Jun 29, 2021

WhiteSource Renovate

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.


Detected Package Files

  • csarvalidation/pom.xml (maven)
  • deployment/pom.xml (maven)
  • dictionaryvalidation/pom.xml (maven)
  • pom.xml (maven)
  • csarvalidation/python/requirements.txt (pip_requirements)

Configuration Summary

Based on the default config's presets, Renovate will:

  • Start dependency updates only once this onboarding PR is merged
  • Separate major versions of dependencies into individual branches/PRs
  • Do not separate patch and minor upgrades into separate PRs for the same dependency
  • Upgrade to unstable versions only if the existing version is unstable
  • Raise PRs immediately (after branch is created)
  • If semantic commits detected, use semantic commit type fix for dependencies and chore for all others
  • Keep existing branches updated even when not scheduled
  • Disable automerging feature - wait for humans to merge all PRs
  • Ignore node_modules, bower_components, vendor and various test/tests directories
  • Autodetect whether to pin dependencies or maintain ranges
  • Rate limit PR creation to a maximum of two per hour
  • Limit to maximum 20 open PRs at any time
  • Group known monorepo packages together
  • Use curated list of recommended non-monorepo package groupings
  • Ignore spring cloud 1.x releases
  • Ignore http4s digest-based 1.x milestones
  • Use node versioning for @types/node
  • Limit concurrent requests to reduce load on Repology servers until we can fix this properly, see issue 10133

🔡 Would you like to change the way Renovate is upgrading your dependencies? Simply edit the renovate.json in this branch with your custom config and the list of Pull Requests in the "What to Expect" section below will be updated the next time Renovate runs.


What to Expect

With your current configuration, Renovate will create 23 Pull Requests:

Update dependency com.google.code.gson:gson to v2.8.7
Update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.8.1
  • Schedule: ["at any time"]
  • Branch name: renovate/maven-compiler-plugin.version
  • Merge into: master
  • Upgrade org.apache.maven.plugins:maven-compiler-plugin to 3.8.1
Update dependency org.onap.vnfsdk.validation:validation to v1.2.20
Update dependency org.projectlombok:lombok to v1.18.20
  • Schedule: ["at any time"]
  • Branch name: renovate/lombok.version
  • Merge into: master
  • Upgrade org.projectlombok:lombok to 1.18.20
Update junit5 monorepo to v5.7.2
Update dependency PyYAML to v5.4.1
  • Schedule: ["at any time"]
  • Branch name: renovate/pyyaml-5.x
  • Merge into: master
  • Upgrade PyYAML to ==5.4.1
Update dependency com.fasterxml.jackson.core:jackson-core to v2.12.3
Update dependency commons-codec:commons-codec to v1.15
  • Schedule: ["at any time"]
  • Branch name: renovate/commons-codec-commons-codec-1.x
  • Merge into: master
  • Upgrade commons-codec:commons-codec to 1.15
Update dependency commons-io:commons-io to v2.10.0
  • Schedule: ["at any time"]
  • Branch name: renovate/commons-io.version
  • Merge into: master
  • Upgrade commons-io:commons-io to 2.10.0
Update dependency junit:junit to v4.13.2
  • Schedule: ["at any time"]
  • Branch name: renovate/junit.version
  • Merge into: master
  • Upgrade junit:junit to 4.13.2
Update dependency org.apache.commons:commons-lang3 to v3.12.0
Update dependency org.apache.logging.log4j:log4j-slf4j-impl to v2.14.1
Update dependency org.apache.maven.plugins:maven-dependency-plugin to v3.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/maven-dependency-plugin.version
  • Merge into: master
  • Upgrade org.apache.maven.plugins:maven-dependency-plugin to 3.2.0
Update dependency org.apache.maven.plugins:maven-jar-plugin to v3.2.0
  • Schedule: ["at any time"]
  • Branch name: renovate/maven-jar-plugin.version
  • Merge into: master
  • Upgrade org.apache.maven.plugins:maven-jar-plugin to 3.2.0
Update dependency org.assertj:assertj-core to v3.20.2
  • Schedule: ["at any time"]
  • Branch name: renovate/assertj-core.version
  • Merge into: master
  • Upgrade org.assertj:assertj-core to 3.20.2
Update dependency org.bouncycastle:bcpkix-jdk15on to v1.69
Update dependency org.codehaus.gmaven:groovy-maven-plugin to v2.1.1
Update dependency org.mockito:mockito-core to v3.11.2
  • Schedule: ["at any time"]
  • Branch name: renovate/mockito-core.version
  • Merge into: master
  • Upgrade org.mockito:mockito-core to 3.11.2
Update dependency org.mockito:mockito-junit-jupiter to v2.28.2
Update dependency org.yaml:snakeyaml to v1.29
  • Schedule: ["at any time"]
  • Branch name: renovate/snakeyaml.version
  • Merge into: master
  • Upgrade org.yaml:snakeyaml to 1.29
Update dependency org.apache.maven.plugins:maven-war-plugin to v3
  • Schedule: ["at any time"]
  • Branch name: renovate/major-maven-war-plugin.version
  • Merge into: master
  • Upgrade org.apache.maven.plugins:maven-war-plugin to 3.3.1
Update dependency org.codehaus.mojo:exec-maven-plugin to v3
Update dependency org.mockito:mockito-junit-jupiter to v3

🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or spam the project. See docs for prhourlylimit for details.


⚠ Dependency Lookup Warnings ⚠

Please correct - or verify that you can safely ignore - these lookup failures before you merge this PR.

  • Failed to look up dependency org.onap.vnfsdk.validation:validation
  • Failed to look up dependency org.onap.oparent:oparent

Files affected: deployment/pom.xml, pom.xml


❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.


This PR has been generated by WhiteSource Renovate. View repository job log here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant