chore: Simply renovate bot config to only propose testing and ci dep updates#12662
chore: Simply renovate bot config to only propose testing and ci dep updates#12662
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the Renovate configuration to categorize dependencies into production, test, and build groups with specific semantic commit types, while also enabling the dependency dashboard and removing PR limits. Feedback includes a correction for an invalid regex pattern used to match all packages and highlights contradictions between the configuration and the PR's stated goals regarding production dependency updates and PR rate limiting.
| "matchPackagePatterns": [ | ||
| "*" | ||
| ] | ||
| ], |
There was a problem hiding this comment.
The matchPackagePatterns field expects a valid regular expression. The string "*" is not a valid regex as it lacks a preceding atom for the quantifier. To match all packages, use matchPackageNames with the glob "*" or matchPackagePatterns with the regex ".*".
| "matchPackagePatterns": [ | |
| "*" | |
| ] | |
| ], | |
| "matchPackageNames": [ | |
| "*" | |
| ], |
| "matchPackagePatterns": [ | ||
| "^com.google.cloud:", | ||
| "^com.google.api:", | ||
| "^com.google.http-client:", | ||
| "^com.google.api-client:" | ||
| ], | ||
| "enabled": true, | ||
| "semanticCommitType": "deps" | ||
| }, |
There was a problem hiding this comment.
This configuration block enables updates for production dependencies (e.g., com.google.cloud, com.google.api). This contradicts the pull request's stated objective of only proposing updates for testing and CI dependencies. If these production dependencies are intended to be managed manually, this block should be removed.
| "prConcurrentLimit": 0, | ||
| "prHourlyLimit": 0 |
There was a problem hiding this comment.
Setting prConcurrentLimit and prHourlyLimit to 0 removes all limits on the number of PRs Renovate can create. This contradicts the PR description's goal of helping with 'renovate bot quota and PR backlog management'. To effectively manage the backlog and quota, consider setting these to a positive integer.
1 participant
Leaving this as a draft to see if we want to use this. Port of the renovate PR in sdk-platform-java: googleapis/sdk-platform-java#4155
As part of dependency management policy, try not propose new deps upgrade. Any deps that need to be upgraded can be raised manually. This should also help with renovate bot quota and PR backlog management.