Skip to content

Add Renovate and Pin Dependencies for Stable CI and Automated Updates #186

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
harryswift01 merged 3 commits into from
Nov 17, 2025
Merged

Add Renovate and Pin Dependencies for Stable CI and Automated Updates #186

harryswift01 merged 3 commits into from
Nov 17, 2025

Conversation

@harryswift01
Copy link
Contributor

@harryswift01 harryswift01 commented Nov 17, 2025

Summary

This PR introduces Renovate to automatically manage and update pinned dependencies. It adds the necessary Renovate configuration, workflow, and dependency pinning to ensure predictable CI behavior and safe, controlled dependency upgrades.

Changes

Add Renovate configuration

  • Added .github/renovate.json with extends: ["config:base"] and rangeStrategy: "bump".
  • Ensures Renovate can update pinned versions via pull requests.

Add Renovate GitHub Actions workflow

  • Added .github/workflows/renovate.yaml to run Renovate daily at 8 AM UTC.
  • Configured Renovate to authenticate using the RENOVATE_TOKEN secret.
  • Allows automated dependency checks and updates.

Pin dependencies in pyproject.toml

  • Replaced unpinned (>=) versions with strict pinned (==) versions.
  • Updated optional testing and pre-commit dependencies to pinned versions.
  • Ensures deterministic CI runs and consistent dependency resolution.

Impact

  • CI becomes predictable and unaffected by upstream dependency changes.
  • Renovate will automatically propose version updates through PRs.
  • Reduced risk of merging incompatible or unstable dependency combinations.
  • Makes debugging CI failures easier, as dependency versions are well-defined.

@harryswift01 harryswift01 self-assigned this Nov 17, 2025
@harryswift01 harryswift01 added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 17, 2025
@harryswift01 harryswift01 linked an issue Nov 17, 2025 that may be closed by this pull request
Add Renovate and Pin Dependencies for More Reliable Dependency Management #185
Closed
5 tasks
@harryswift01 harryswift01 requested a review from jimboid November 17, 2025 15:07
jimboid
jimboid approved these changes Nov 17, 2025
View reviewed changes
Copy link
Member

@jimboid jimboid left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Will just have to monitor it for a while to make sure it is working as we want

@harryswift01 harryswift01 merged commit 03e9ebd into main Nov 17, 2025
14 checks passed
@harryswift01 harryswift01 deleted the 185-add-renovate branch November 17, 2025 16:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jimboid jimboid jimboid approved these changes

Assignees

@harryswift01 harryswift01

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add Renovate and Pin Dependencies for More Reliable Dependency Management

3 participants

@harryswift01 @jimboid