Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Our favorite Dependency updates has been deprived
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
tt
November 02, 2018
Programming
530
2
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Our favorite Dependency updates has been deprived
An introduction of Automated Dependency Updates with Renovate App
tt
November 02, 2018
More Decks by tt
See All by tt
戦略的なフロントエンドテストを実施するために
tatsushitoji
0
110
そろそろGraphQLの話をしよう
tatsushitoji
1
310
try Undux but...
tatsushitoji
0
290
Other Decks in Programming
See All in Programming
スマートグラスで並列バイブコーディング
hyshu
0
280
Webフレームワークの ベンチマークについて
yusukebe
0
200
吝嗇家のためのAI活用 / AI development for miser - ChatGPT + Issue Driven Development
tooppoo
0
180
LLM本来の能力を解き放つサンドボックス技術とAI民主化への適用
yukukotani
3
4.9k
SREは、MCPとSRE Agentをこう使え!
kazumax55
0
150
エンジニアと一緒にテストコードの設計と実装を改善した話
mototakatsu
0
250
Vue × Nuxt × Oxc どこまで使える?実運用の現在地
andpad
0
360
【やさしく解説 設計編 #0】DDDのコード、読めるのに分からない人へ
panda728
PRO
1
230
Mujeres en SEO Summit 2026 - Greatest Disaster Hits en Web Performance
guaca
0
240
初めてのKubernetes 本番運用でハマった話
oku053
0
120
Language Server 使ってる? 〜VSCode と Zed の場合〜 / Are you using a Language Server? ~For VS Code and Zed~
handlename
0
830
「正の参照」と 「負の導出」で組む ハーネスエンジニアリング
cottpan
1
120
Featured
See All Featured
Producing Creativity
orderedlist
PRO
348
40k
Making Projects Easy
brettharned
120
6.7k
Heart Work Chapter 1 - Part 1
lfama
PRO
8
36k
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
460
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
4.3k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
194
17k
The Cost Of JavaScript in 2023
addyosmani
55
10k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
6k
Rebuilding a faster, lazier Slack
samanthasiow
85
9.6k
Making the Leap to Tech Lead
cromwellryan
135
10k
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.3k
sira's awesome portfolio website redesign presentation
elsirapls
0
300
Transcript
Our Favorite Dependency Updates Has Been Deprived ,BOTBJ/PEF$BNQVTUIQFSJPE !UBUTVTIJUPKJ
Hello World ! w ా࿏ཽ࢜!UBUTVTIJUPKJ w ࣾ ελʔτΞοϓ͓͡͞Μ w 'SPOUFOE&OHJOFFS
w 3FBDU)PPLTͲ͏ͳΔͷ͔ʁ খฒײ
First of all, npm’s documentation recommends that you use SemVer
• major → ϝδϟʔόʔδϣϯ1 • minor → ϚΠφʔόʔδϣϯ5 • patch → ύονόʔδϣϯ4 e.g. ^1.5.4 1.5.4Ҏ্2.0ະຬ
How to update npm packages ? Search for updates on
your own ? npm outdated ? yarn outdated ? yarn upgrade-interactive ? npx npm-check ?
How to update npm packages with apps ? ci-yarn-upgrade ?
green-keeper ? greenkeeper-keeper ? hothouse ?
In any case, There is our work ! But…
On March 15, 2018 Renovate launched !
Automated Dependency Updates Save time and reduce risk by automating
dependency updates in software projects. Fully customizable with a setting to suit every workflow.
Supports • Github • GitLab (APIv4) • VSTS → Azure
DevOps • BitBucket (ରԠத)
Language Supports • WORKSPACE Bazel • travis.yml Travis • Dockerfile
/ docker-compose.yml Docker • go.mod Golang • package.json npm/yarn • requirements.txt Python/PIP • composer.json PHP
Language Supports • JavaScript • package.json ΛͱʹόʔδϣϯΛ֬ೝ • Node.js Versions
• package.jsonͷengines • nvm.rcͷόʔδϣϯ • travis.ymlͷnode_js
some of the web's best-known projects
• ࣗಈͰPR࡞ • configϑΝΠϧͰॊೈʹΧελϚΠζ • OSS(ηϧϑϗεςΟϯάՄೳʂ) • GitHub App ܦ༝Ͱ؆୯ʹಋೖ
None
Our conventional updating work 1 • ߋ৽ϒϥϯνΛͬͯPush • PR࡞ •
GitHub web hook Ͱ CI࿈ܞͤͯ͞ςετ • ςετ݁ՌΛ֬ೝͯ͠ͳ͚ΕϚʔδ
Our conventional updating work 2 • ࣗಈͰߋ৽ϒϥϯνΛͬͯPush • ࣗಈͰPR࡞ •
GitHub web hook Ͱ CI࿈ܞͤͯ͞ςετ • ςετ݁ՌΛ֬ೝͯ͠ͳ͚ΕϚʔδ
Our updating work … ? • ࣗಈͰߋ৽ϒϥϯνΛͬͯPush • ࣗಈͰPR࡞ •
GitHub web hook Ͱ CI࿈ܞͤͯ͞ςετ • ࣗಈͰςετ݁Ռ(PR or branchͷstatus)Λ֬ೝ͠ ͯͳ͚ΕϚʔδ
Installation
• https://github.com/marketplace/renovate • ϓϥϯΛબ
• ͍ͭͮͯϦϙδτϦΛબͯ͠อଘ
͠Β͘͢Δͱ Onboading PR ͕࡞͞ΕΔ
• renovate.json ΛඞཁʹԠͯ͡ΧελϚΠζ • Onboading PR ΛϚʔδ͢Δ Ϛʔδͯ͠͠Β͘͢Δͱ…
RenovateʹΑͬͯࣗಈͰPR͕࡞͞Ε·͢
None
Basic custom config { "extends": [ “config:base”, “:preserveSemverRanges" ], "timezone":
"Asia/Tokyo", "schedule": "before 4am", "automerge": true, "major": { "automerge": false }, "packageRules": [ { "updateTypes": [ "major" ], "labels": [ "UPDATE-MAJOR" ] } ] }
My Favorite Dependency Updates Has Been Deprived
But Major Version …!
Finally … • ྨࣅΞϓϦͷதͰ಄ͻͱͭൈ͖ग़͍ͯΔ • Auto merge ʹରͯ͠৺ཧత҆શͷ֬อͷͨΊʹςετ Λ͔ͬ͠Γॻ͍͓ͯ͘ͱ •
unit_test, End to End, visual regression… • configϑΝΠϧͷઃఆɺςετམͪͨͱ͖ਓؒͷ֬ೝ ͱ͍ͬͨ࡞ۀ͋Δ
thx