fix(deps): update dependency semver to v7.7.1 #880
Conversation
![renovate[bot]](https://avatars.githubusercontent.com/in/2740?s=60&v=4){kind=small}
renovate
bot
force-pushed
the
renovate/semver-7.x-lockfile
branch
from
6e943db to
dda48f5
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #880 +/- ##
=======================================
Coverage 98.76% 98.76%
=======================================
Files 21 21
Lines 1219 1219
Branches 142 142
=======================================
Hits 1204 1204
Misses 15 15 ☔ View full report in Codecov by Sentry. |
|
@JoshuaKGoldberg is this a bug in Renovate that he indicated the type of commit and PR as a |
|
@michaelfaith but in fact, nothing has changed for the eslint-plugin-package-json user, so it’s strange to see the patch update of this dependency in Bug Fixes. |
|
I agree for the most part, for dev tools like this. For some things though dependency changes are meaningful. For instance, when a library bumps a major version of a dependency. Consuming projects might be using that library at the lower version through other packages, which can lead to bundle size bloat, because different bundles will be pulling in different versions of that package. By hiding those changes it can create issues for those consumers. With that said, that's not really an issue for devtooling usually. So, I can look into adjusting. We recently changed to extend the recommended config from renovate, which includes all the settings they consider best practice. |
|
Yeah I think technically this is correct, since If Renovate doesn't have a thing for this then we could fall back to changing https://github.com/JoshuaKGoldberg/should-semantic-release. It gates running |
|
This is the preset that |
|
We would basically just need to add {
"matchDepTypes": [
"dependencies",
],
"semanticCommitType": "chore"
},to undo that bit of their preset. |
|
Though, even with that, I would probably recommend at least distinguishing major version bumps in the changelog, even if we omitted the others. |
|
That would look something like [
{
"matchDepTypes": [
"dependencies",
],
"semanticCommitType": "chore"
},
{
"matchDepTypes": [
"dependencies",
],
"matchUpdateTypes": ["major"],
"semanticCommitType": "fix"
},
] |
|
@JoshuaKGoldberg do you have a preference between the above two options? (Marking majors as |
This PR contains the following updates:
7.7.0->7.7.1Release Notes
npm/node-semver (semver)
v7.7.1Compare Source
Bug Fixes
af761c0#764 inc: fully capture prerelease identifier (#764) (@wraithgar)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.