Renovate Blog

Dependency Management: 3 Tips to Keep You Sane

There are a couple of things you can do to avoid dependency management hell. Read on for our three favorite tips.

June 2, 2020

Maven: Update Dependencies Automatically

In this post we’ll show you how to use modern tooling and automation to keep your Maven dependencies updated.

April 28, 2020

Automatically Update cdnjs Dependencies

Renovate can now keep cdnjs dependencies automatically up-to-date in web projects. Read on to learn more about how you can activate this feature.

March 18, 2020

Updating npm Packages – The Definitive Guide

Selecting and installing a dependency with Node Package Manager (npm) is only half the job. This guide will explain why you need to keep your npm dependencies updated, and the most efficient ways to do so.

February 27, 2020

Renovate is Now Part of WhiteSource

We’re excited to announce that Renovate has joined WhiteSource, the world’s leading Software Composition Analysis solution. Read on to learn about the great things this brings to Renovate users. 

November 13, 2019

Go Modules Vulnerability Disclosure

Last month we were made aware of an occurrence of GitHub.com token leakage. It affected only users who had also experienced Go Modules checksum update failures prior to September 6th, which was less than 0.1% of accounts. We resolved the problem within an hour but have spent the last month code reviewing and improving security in Renovate in general, and now present our findings and plans.

October 18, 2019

Introducing Renovate’s “Master Issue”

Renovate’s new lightweight dashboard-within-an-issue.

April 24, 2019

Ruby Bundler Support in Renovate

Bundler support in Renovate is now ready for testing!

January 14, 2019

Automating CircleCI Orb Updates

CircleCI recently launched Orbs, “a package manager for software delivery automation”. Here we will describe to you how to use Renovate to keep your Orb definitions up-to-date.

December 17, 2019

Automating Go Module Dependency Updates

Go’s new “Minimal Version Selection” approach to modules provides consistency of versions, but projects can remain stuck on outdated dependencies without maintainer conscientiousness or automation. This article discusses how to automate dependency updates to free up module maintainer time for other tasks.

October 02, 2018

Automated Dependency Updates for Bitbucket Cloud

Renovate now has beta support for the Bitbucket Cloud platform. This post describes how you can use Renovate to run against your repositories hosted on https://bitbucket.org.

August 29, 2018

Automated Dependency Updates for Kubernetes Manifests

Renovate now supports keeping Docker dependencies up-to-date in Kubernetes manifests. Read on to learn how to configure file matching to get it started.

August 04, 2018

New feature – GitHub Vulnerability Alerts

Renovate now supports raising Pull Requests immediately for any JavaScript or Python package identified as having a vulnerable version by GitHub’s Vulnerability Alerts.

July 29, 2018

New feature – Dependency Deprecation Warnings

Renovate now supports raising issues to warn a repository if it is using any deprecated npm packages. This feature can help prevent you being “in the dark” that a dependency you are using may never get updates again.

July 29, 2018

Overcoming Docker’s mutable image tags

Why Docker tags are mutable, how Node.js images broke yarn, and how to work with immutable Docker digests instead.

March 19, 2018

Renovate is Now Available on GitHub Marketplace

This week Renovate got accepted (launched!) into GitHub’s Marketplace with paid plans available.

March 15, 2018