Skip to content

Universal dependency update tool that fits into your workflows.

License

Notifications You must be signed in to change notification settings

stordata/renovate

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Renovate banner

Renovate

Automated dependency updates. Multi-platform and multi-language.

License: AGPL v3 codecov Renovate enabled Build status

Why Use Renovate?

  • Get automated Pull Requests to update your dependencies
  • Reduce noise by running Renovate on a schedule, for example:
    • on weekends
    • outside of working hours
    • each week
    • each month
  • Relevant package files are discovered automatically
  • Supports monorepo architectures like Lerna or Yarn workspaces with no extra configuration
  • Bot behavior is customizable via configuration files (config as code)
  • Use ESLint-like shared config presets for ease of use and simplifying configuration (JSON format only)
  • Lock files are supported and updated in the same commit, including immediately resolving conflicts whenever PRs are merged
  • Get replacement PRs to migrate from a deprecated dependency to the community suggested replacement (npm packages only)
  • Open source (installable via npm/Yarn or Docker Hub) so can be self-hosted or used via GitHub App

Supported Platforms

Renovate works on the following platforms:

  • GitHub (.com and Enterprise)
  • GitLab (.com and CE/EE)
  • Bitbucket Cloud
  • Bitbucket Server
  • Azure DevOps
  • Gitea

Who Uses Renovate?

Renovate is widely used in the developer community:

Renovate Matrix

The Renovate Approach

We believe everyone benefits from automation, whether it's a little or a lot. This means that Renovate:

  • Adapts to your workflow
  • Allows you to configure its behavior
  • Will autodetect settings where possible

Using Renovate

GitHub

It's easiest to use the hosted Renovate app. Install the Renovate app now.

More details on the GitHub App installation.

Azure DevOps

There are two ways to run Renovate on Azure DevOps:

  • Renovate Me extension
  • Custom pipeline

Renovate Me extension

Go to the Visual Studio Marketplace and install the Renovate Me extension in your organization. From there you can create a pipeline with the RenovateMe task. More details on how to configure the pipeline.

Note: This extension is created and maintained personally by a Renovate developer/user so support requests relating to the extension itself cannot be answered directly in the main Renovate repository.

Custom pipeline

You can create a custom pipeline with a yml definition that triggers npx renovate. More details on how to configure the pipeline.

Bitbucket Cloud/Server, Gitea, GitLab

For Bitbucket Cloud, Bitbucket Server, Gitea and GitLab, use our self-hosting option.

Configuration

Go to our documentation website to learn how to configure Renovate. We have a full list of configuration options.

To get help with your configuration, go to the discussions tab in the Renovate repository and open a new "config help" discussion post.

Self-Hosting

To run your own instance of Renovate you have several options:

  • Install the renovate CLI tool from npmjs, run it on a schedule (e.g. using cron)
  • Run the renovate/renovate Docker Hub image (same content/versions as the CLI tool), run it on a schedule
  • Run the renovate/renovate:slim Docker Hub image if you only use package managers that don't need third-party binaries (e.g. JavaScript, Docker, NuGet, pip)

More details on the self-hosting development.

Contributing

If you want to contribute to Renovate or get a local copy running, please read the instructions in .github/contributing.md.

Security / Disclosure

If you discover any important bug with Renovate that may pose a security problem, please disclose it confidentially to renovate-disclosure@whitesourcesoftware.com first, so that it can be assessed and hopefully fixed prior to being exploited. Please do not raise GitHub issues for security-related doubts or problems.

About

Universal dependency update tool that fits into your workflows.

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • TypeScript 92.2%
  • HTML 2.7%
  • Go 2.2%
  • Clojure 0.6%
  • Swift 0.6%
  • JavaScript 0.4%
  • Other 1.3%