Last month we were made aware of an occurrence of GitHub.com token leakage. It affected only users who had also experienced Go Modules checksum update failures prior to September 6th, which was less than 0.1% of accounts. We resolved the problem within an hour but have spent the last month code reviewing and improving security in Renovate in general, and now present our findings and plans.
October 18, 2019
Renovate’s new lightweight dashboard-within-an-issue.
April 24, 2019
Bundler support in Renovate is now ready for testing!
January 14, 2019
Go’s new “Minimal Version Selection” approach to modules provides consistency of versions, but projects can remain stuck on outdated dependencies without maintainer conscientiousness or automation. This article discusses how to automate dependency updates to free up module maintainer time for other tasks.
October 02, 2018
Renovate now has beta support for the Bitbucket Cloud platform. This post describes how you can use Renovate to run against your repositories hosted on https://bitbucket.org.
August 29, 2018
Renovate now supports keeping Docker dependencies up-to-date in Kubernetes manifests. Read on to learn how to configure file matching to get it started.
August 04, 2018
Renovate now supports raising issues to warn a repository if it is using any deprecated
npm packages. This feature can help prevent you being “in the dark” that a dependency you are using may never get updates again.
July 29, 2018
Why Docker tags are mutable, how Node.js images broke yarn, and how to work with immutable Docker digests instead.
March 19, 2018