Skip to content

JS-1603 Configure Renovate to avoid grouped updates#44

Merged
zglicz merged 1 commit intomasterfrom
codex/renovate-ungroup-updates
Apr 16, 2026
Merged

JS-1603 Configure Renovate to avoid grouped updates#44
zglicz merged 1 commit intomasterfrom
codex/renovate-ungroup-updates

Conversation

@vdiez
Copy link
Copy Markdown
Contributor

@vdiez vdiez commented Apr 15, 2026

Summary

  • align Renovate behavior with sonar-flex commit eae1e601a76abe7e117b541f85af7f5c0d6112e4
  • disable default grouping by setting groupName to
    ull for all packages
  • remove explicit GitHub Actions grouping
  • set prCreation to immediate so updates are opened without batching delays

This keeps updates flowing per package age instead of waiting for grouped batches.

@vdiez vdiez requested a review from a team as a code owner April 15, 2026 17:49
@hashicorp-vault-sonar-prod hashicorp-vault-sonar-prod bot changed the title Configure Renovate to avoid grouped updates JS-1603 Configure Renovate to avoid grouped updates Apr 15, 2026
@hashicorp-vault-sonar-prod
Copy link
Copy Markdown

hashicorp-vault-sonar-prod bot commented Apr 15, 2026
edited by atlassian bot
Loading

JS-1603

@sonar-review-alpha
Copy link
Copy Markdown

sonar-review-alpha bot commented Apr 15, 2026
edited
Loading

Summary

This PR reconfigures Renovate to create individual pull requests for each dependency update rather than batching them together.

What changed:

  • Added a catch-all rule (matchPackageNames: ["*"]) that sets groupName: null to disable grouping globally
  • Removed grouping from GitHub Actions updates (previously "all github actions")
  • Added prCreation: "immediate" to open PRs without delay

Effect: Each dependency update will get its own PR immediately upon detection, allowing faster merging and reducing the chance that one outdated dependency blocks others. This aligns with the dependency management approach in sonar-flex.

What reviewers should know

Key decision: The new catch-all rule with groupName: null at the start of packageRules establishes the baseline—all packages ungrouped by default. Subsequent rules can override this for specific matchers if needed.

To review: Check that the GitHub Actions rule still functions correctly without its group properties; it should still apply pinDigests: false independently. The three-rule block with extends: ["schedule:weekly"] remains unchanged and should continue working as before.

Likely impact: Expect more frequent Renovate PRs but with faster turnaround—each can be reviewed and merged independently without waiting for unrelated updates in the same batch.

  • Generate Walkthrough
  • Generate Diagram

🗣️ Give feedback

@vdiez vdiez requested a review from zglicz April 15, 2026 17:50
sonar-review-alpha[bot]
sonar-review-alpha bot reviewed Apr 15, 2026
View reviewed changes
Copy link
Copy Markdown

@sonar-review-alpha sonar-review-alpha bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! ✅

Clean configuration-only change. The catch-all groupName: null rule correctly overrides Renovate's default grouping behavior, and placing it first in packageRules ensures subsequent rules (e.g. the GitHub Actions pinDigests: false rule) can still apply their own settings without inheriting a group.

🗣️ Give feedback

@sonarqube-next
Copy link
Copy Markdown

sonarqube-next bot commented Apr 15, 2026

Quality Gate passed Quality Gate passed for 'NodeJS Maven Plugin'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
0 Dependency risks
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@zglicz zglicz merged commit 3df7b8b into master Apr 16, 2026
8 checks passed
@zglicz zglicz deleted the codex/renovate-ungroup-updates branch April 16, 2026 05:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sonar-review-alpha sonar-review-alpha[bot] sonar-review-alpha[bot] left review comments

@zglicz zglicz zglicz approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@vdiez @zglicz