Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(packageRules): warn for depName matching in matchPackage #28543

Closed
wants to merge 11 commits into from
Closed

feat(packageRules): warn for depName matching in matchPackage #28543

wants to merge 11 commits into from

Conversation

rarkins
Copy link
Collaborator

@rarkins rarkins commented Apr 20, 2024
edited
Loading

Changes

Elevate logging from info to warn when falling back to depName in packageRules matching.

Context

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please select one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository

rarkins and others added 8 commits April 14, 2024 10:42
@rarkins
fix(config)!: globalExtends merge order (#28145)
c7271bc 
Previously, config from globalExtends was incorrectly merged _after_ other global config. This meant for example that packageRules in a config.js could not override packageRules from within globalExtends, because they were applied after. Now, globalExtends content will be merged first, and remaining global config merged second.

Fixes #28131

BREAKING CHANGE: order of globalExtends resolution is changed so that it is applied first and remaining global config takes precedence.
@secustor @rarkins
feat(manager/pep621)!: remove group name from depName (#28193)
0b9d4e3 
Previously, the “depName” for pep621 was constructed using groupName/packageName, which in turn meant that the same dependency was upgraded in different branches if it was present in multiple groups. Instead, depName is now set to packageName. This will lead to a change of branch name for pep621 updates.

Closes #28131

BREAKING CHANGE: depName for pep621 dependencies changes, which will lead to branch name changes, which will lead to some autoclosing and reopening of PRs.
@viceice @rarkins
feat(gitea)!: use Bearer instead of token for auth (#28308)
f858742 
Previous Gitea implementation used non-standard “token” auth instead of “Bearer”. Gitea supports Bearer al alternate to token since v1.8.0, so it’s safe to make this change now.

BREAKING CHANGE: Gitea platfor authentication will now be done using Bearer auth instead of token auth.
@viceice @rarkins
feat!: stop publishing slim docker tags (#27993)
e5e896a 
Stop publishing -slim Renovate tags - slim is now the default.

BREAKING CHANGE: Renovate docker images no longer have -slim tags. Drop the -slim prefix as this is now the default behavior.
@takac @rarkins
fix(config)!: Use depNameSanitized in branch name for vulnerability…
da73a76 
… alerts (#25166)

Use sanitized depName in vulnerability/remediation branches instead of raw depName. This will result in some open remediation branches being autoclosed and replaced for ecosystems like go in particular which have special characters in depNames.

BREAKING CHANGE: Branch names for remediation will be sanitized to exclude special characters, potentially resulting in some autoclosing/replacing of existing PRs.
@rarkins
feat(npm)!: drop transitiveRemediation option (#27985)
66d31b2 
This option only worked for npm <7, which is now EOL.

BREAKING CHANGE: Transitive remediation for npm <7 is no longer supported.
@RahulGautamSingh
feat(config): change onboardingNoDeps from boolean to enum (#28133)
7fa65fd 
Change onboardingNoDeps from boolean to enum, with new default "auto". Auto means that Renovate will continue skipping repos with no dependencies if autodiscover is in use, but onboarding them if they are explicitly specified in a non-autodiscover mode.

Closes #28101

BREAKING CHANGE: onboardingNoDeps changes from boolean to enum. Repositories with no dependencies will be onboarded unless in autodiscover mode.
@rarkins
feat(packageRules): warn for depName matching in matchPackage
7327bf0 
Raise logging from info to warn
@rarkins
Copy link
Collaborator Author

rarkins commented Apr 20, 2024

@nabeelsaabna can you please check the hosted app to see if there are any of these info logs currently which are for our built-in rules/presets? We want to make sure we fix any of those before we start warning users in v38

viceice
viceice previously approved these changes Apr 20, 2024
View reviewed changes
@rarkins rarkins requested a review from viceice April 20, 2024 08:00
viceice
viceice previously approved these changes Apr 20, 2024
View reviewed changes
@rarkins
Copy link
Collaborator Author

rarkins commented Apr 20, 2024

Replaced by #28547

@rarkins rarkins closed this Apr 20, 2024
@rarkins rarkins deleted the feat/warn-package-dep-name-match branch April 22, 2024 05:11
@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 24, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@viceice viceice viceice left review comments

@nabeelsaabna nabeelsaabna Awaiting requested review from nabeelsaabna

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@rarkins @viceice @secustor @takac @RahulGautamSingh