router/renovate.json5 at dev · zencargo/router · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
{
  extends: [
    'config:recommended',
    ':semanticCommits',
  ],
  customManagers: [
    // A slight variation on the pattern documented within Renovate's docs:
    // => https://docs.renovatebot.com/modules/manager/regex/
    {
      customType: 'regex',
      managerFilePatterns: [
        '/^\\.tool-versions$/',
        '/(^|/)Dockerfile[^/]*$/',
        '/^rust-toolchain\\.toml$/',
        '/^docs/.*?\\.mdx$/',
        '/^.config/mise/.*?\\.toml$/',
        '/^apollo-router/Cargo\\.toml$/',
        '/^apollo-router/README\\.md$/',
      ],
      matchStrings: [
        '(#|<!--)\\s*renovate-automation: rustc version\\s*(?:-->)?\\n[^.]*?(?<currentValue>[0-9]+\\.[0-9]+\\.[0-9]+)\\b',
      ],
      depNameTemplate: 'rust',
      datasourceTemplate: 'docker',
    },
  ],
  packageRules: [
    // Don't do `rust` image updates separately since they'll we want them
    // managed/grouped into the rule directly above this one.  This prevents
    // multiple PRs for the same bump, and puts all our Rust version bumps
    // together.
    {
      matchPackageNames: [
        'rust',
      ],
      matchManagers: [
        'dockerfile',
        'mise',
      ],
      enabled: false,
    },
    {
      matchPackageNames: [
        'rust',
      ],
      matchManagers: 'regex',
      groupName: 'rustc',
    },
    // Keep serde_yaml at 0.8.x - version 0.9.x has breaking changes and the
    // underlying package is deprecated. The package works as-is and we can
    // consider replacing it in the future. We'll allow 0.8.x just in case
    // there HAPPEN to be any security updates that we need to be aware of.
    // See: https://github.com/dtolnay/serde-yaml/releases/tag/0.9.34
    {
      matchManagers: ['cargo'],
      matchPackageNames: ['serde_yaml'],
      allowedVersions: '0.8.x',
    },
    // Bunch up all non-major dependencies into a single PR.  In the common case
    // where the upgrades apply cleanly, this causes less noise and is resolved faster
    // than starting a bunch of upgrades in parallel for what may turn out to be
    // a suite of related packages all released at once.
    {
      matchCurrentVersion: '>= 1.0.0',
      matchManagers: [
        'cargo',
        'npm',
      ],
      matchUpdateTypes: [
        'minor',
        'patch',
        'pin',
        'digest',
      ],
      groupName: 'all non-major packages >= 1.0',
      groupSlug: 'all-non-major-gte-1.0',
      automerge: true,
    },
    // We're currently constrained in our ability to update the `tracing`
    // packages to the latest versions because of our usage.  As an extension
    // of the same concern, we cannot update our `opentelemetry` packages since
    // those are tightly intertwined.  This exception puts those packages into
    // their own group and away from other dep updates until the time that
    // those problems are no longer.  For more details, see the explainations
    // in the `/apollo-router/Cargo.toml` file around the declarations for
    // `^opentelemetry` and `^tracing` packages.
    {
      matchManagers: [
        'cargo',
      ],
      groupName: 'cargo tracing packages',
      groupSlug: 'cargo-tracing-packages',
      dependencyDashboardApproval: true,
      matchPackageNames: [
        '/^tracing/',
        '/^opentelemetry/',
      ],
    },
    // Various monorepos / crates that are often released together
    {
      groupName: 'apollo-rs crates',
      groupSlug: 'rust-apollo-rs-updates',
      matchManagers: ['cargo'],
      matchPackageNames: ['/^apollo-(parser|compiler|smith)$/'],
    },
    {
      groupName: 'rand crates',
      groupSlug: 'rust-rand',
      matchManagers: ['cargo'],
      matchPackageNames: ['/^rand$/', '/^rand[-_]/'],
    },
    {
      groupName: 'nom crates',
      groupSlug: 'rust-nom',
      matchManagers: ['cargo'],
      matchPackageNames: ['/^nom$/', '/^nom[-_]/'],
    },
    {
      groupName: 'axum crates',
      groupSlug: 'rust-axum',
      matchManagers: ['cargo'],
      matchPackageNames: ['/^axum$/', '/^axum-extra$/'],
    },
    {
      groupName: 'jemalloc crates',
      groupSlug: 'rust-jemalloc',
      matchManagers: ['cargo'],
      matchPackageNames: ['/^tikv-jemallocator$/', '/^tikv-jemalloc-/'],
    },
    // Handle exact version pins (versions starting with =) in Cargo.toml files
    // separately. Put them in individual PRs and require dashboard approval
    // since they were explicitly pinned for a reason.
    {
      matchManagers: ['cargo'],
      matchCurrentValue: '/^=/',
      dependencyDashboardApproval: true,
      automerge: false,
      groupName: null,
      groupSlug: null,
    },
  ],
}