Skip to content
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
102 changes: 77 additions & 25 deletions .github/renovate.json5
Original file line number Diff line number Diff line change
@@ -1,42 +1,94 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
extends: ["config:base"],
extends: [

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should add npm:unpublishSafe as well

"config:base",
// Required to not pin dependencies to _exact_ versions (pip)
":preserveSemverRanges",
"group:monorepos",
"helpers:pinGitHubActionDigests",
":semanticPrefixFixDepsChoreOthers",
":dependencyDashboard",
],

// Added for posterity how to let Renovate manage version-branches, assuming that release branches
// have the `release/` prefix.
// BE CAREFUL WITH THIS OPTION and make sure that the changes work.
baseBranches: [
"main",
],

"labels": ["dependencies"],
pip_requirements: {
// fileMatch default: (^|/)([\\w-]*)requirements\\.(txt|pip)$
"fileMatch": ["(^|/)([\\w-]*)requirements.*\\.txt$"],
},
Comment on lines +38 to +41

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This can be removed (there's no requirements*.txt).


packageRules: [
// Check for updates, merge automatically
// Check for updates, do not merge automatically. This rule does effectively nothing, but serves as a
// reference for the kinds of managers used in Polaris.
{
matchManagers: ["maven", "gradle", "gradle-wrapper"],
matchUpdateTypes: ["minor", "patch"],
automerge: true,
platformAutomerge: true,
matchManagers: [
"gradle", "gradle-wrapper",
"pip_requirements", "pip_setup", "poetry", "setup-cfg",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For mcp, we are using uv instead of poetry.

"dockerfile", "devcontainer", "docker-compose",
"github-actions"],
automerge: false, // just be explicit (false is the default)
},

// Special rule for Iceberg and related artifacts
// Reduce update frequency for a few dependencies that have a quite high release frequency.
// awssdk (release frequency: daily)
{
matchManagers: ["maven", "gradle"],
matchUpdateTypes: ["minor", "patch"],
matchPackagePatterns: [
"^org[.]apache[.]hadoop:hadoop-aws$",
"^org[.]apache[.]hadoop:hadoop-common$",
"^org[.]apache[.]hive:.*$",
"^org[.]apache[.]iceberg:.*",
"^software[.]amazon[.]awssdk:.*",
],
automerge: false,
prBodyNotes: [":warning: Only update org.apache.iceberg with org.apache.hadoop + software.amazon.awssdk:warning:"]
matchManagers: ["gradle"],
matchPackagePrefixes: ["software.amazon.awssdk"],
extends: ["schedule:weekly"],
},
// boto3 (release frequency: multiple times per week)
{
matchManagers: ["pip_requirements", "pip_setup", "poetry"],

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Same for uv but we can remove this section as we are not using boto3 in this case.

matchPackagePrefixes: ["boto3"],
extends: ["schedule:weekly"],
},

// Check for major updates, but do not merge automatically
// Quarkus platform + plugin together
{
matchManagers: ["maven", "gradle", "gradle-wrapper"],
matchUpdateTypes: ["major"],
automerge: false,
groupName: "Quarkus Platform and Group",
matchManagers: ["gradle"],
matchPackageNames: [
"io.quarkus.platform:quarkus-bom",
"io.quarkus.platform:quarkus-amazon-services-bom",
"io.quarkus.platform:quarkus-google-cloud-services-bom",
"io.quarkus:io.quarkus.gradle.plugin",
],
},
{

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This section can be remove as well as that was added to prevent bump version of openapi-generator-cli as we can't just blindly go to the latest one due to OpenAPI spec we are using but this is not used in this repo.

matchPackageNames: ["openapi-generator-cli"],
enabled: false
}
],

// Max 50 PRs in total, 10 per hour
// Max 50 PRs in total, 5 per hour.
// Renovate rebases PRs automatically when the renovate bot "visits" (scans) the repo, hence the hourly and
// concurrent PRs limit.
prConcurrentLimit: 50,
prHourlyLimit: 10,
prHourlyLimit: 5,

// add renovate-polaris label to easily filter PRs/email
labels: ["renovate-polaris"],
}