Renovate

Definition

Renovate is an open-source tool designed to automate the process of updating dependencies in software projects. It scans project files, identifies outdated dependencies, and generates pull requests with updates. Renovate supports various programming languages and package managers, helping maintain up-to-date and secure dependencies while reducing manual effort.

Secure Settings Example

renovate.json: |
  {
    "extends": [
      "config:base"
    ],
    "automerge": false,
    "automergeType": "branch",
    "dependencyDashboard": true,
    "schedule": ["before 3am on monday"],
    "packageRules": [
      {
        "updateTypes": ["minor", "patch"],
        "automerge": true
      }
    ]
  }

Insecure Settings Example

renovate.json: |
  {
    "extends": [
      "config:base"
    ],
    "automerge": true,
    "automergeType": "pr",
    "dependencyDashboard": false,
    "schedule": ["every day"],
    "packageRules": [
      {
        "updateTypes": ["major", "minor", "patch"],
        "automerge": true
      }
    ]
  }
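
The two configurations above differ mainly in which update types may merge without review. The following added example (not part of the original page or of Renovate itself) checks a parsed renovate.json for that difference. The function names and the two sample configs are constructed for illustration, and the check looks only at update types, not at package matchers a rule may also carry.

```python
import json

# Constructed sample configs mirroring the contrast on this page.
SCOPED = json.loads(
    '{"automerge": false, "dependencyDashboard": true, "packageRules": '
    '[{"updateTypes": ["minor", "patch"], "automerge": true}]}'
)
BROAD = json.loads(
    '{"automerge": true, "dependencyDashboard": false, "packageRules": '
    '[{"updateTypes": ["major", "minor", "patch"], "automerge": true}]}'
)


def covers_major(rule):
    """True if a packageRule names "major" or has no update-type filter."""
    # "updateTypes" is the key used on this page; "matchUpdateTypes" is its newer name.
    types = rule.get("matchUpdateTypes") or rule.get("updateTypes")
    return not types or "major" in types


def audit_renovate_config(cfg):
    """Return findings about automerge scope and dashboard visibility."""
    findings = []
    rules = cfg.get("packageRules", [])
    # Assumption: a rule that disables automerge for majors covers all packages.
    major_off = any(r.get("automerge") is False and covers_major(r) for r in rules)
    if cfg.get("automerge") is True and not major_off:
        findings.append(
            "top-level automerge is on and no packageRule turns it off for major updates"
        )
    for i, rule in enumerate(rules):
        if rule.get("automerge") is True and covers_major(rule):
            findings.append(f"packageRules[{i}] enables automerge for major updates")
    if cfg.get("dependencyDashboard") is False:
        findings.append("dependencyDashboard is disabled")
    return findings


if __name__ == "__main__":
    for name, cfg in (("scoped", SCOPED), ("broad", BROAD)):
        print(name, audit_renovate_config(cfg) or "no findings")
```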