chore: Configure Renovate #1
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ted script\n\nReplace broken UV_PYTHON_SPEC preview with neutral Python stack preview.\nRoute uv install to scripts/install_uv.sh reconcile.
…ilities - Show npm, pnpm, yarn prompts unconditionally (outside Node block) - Update via Corepack; fallback to npm global installs - Re-audit after each action - Include black in Python utilities prompt
… prefer yarn@stable - Ensure corepack enable on update - corepack prepare pnpm@latest --activate || npm i -g pnpm@latest - corepack prepare yarn@stable --activate || npm i -g yarn@latest - Keep npm/eslint/prettier updated
…e/rename.ul - Skip Corepack shim package.json; invoke real pnpm/yarn for versions - Prefer Yarn stable and Yarn tags endpoint; upstream_method=yarn-tags - Detect uv-managed tools via 'uv tool list' and symlink targets; report 'uv tool' - Separate perl 'prename' and util-linux 'rename.ul' and parse versions
…d via official installer Detect ~/.local/bin/uv and label as 'github binary'; keep pipx/user for pipx venv symlinks.
Detect pipx-installed Python CLIs and prompt to reinstall with 'uv tool', uninstalling pipx version to avoid shim conflicts; re-audit after action.
- audit: show upstream_method as 'uv tool' for PyPI tools - guide: migrate any pipx/pip-installed Python CLIs (incl. pip/pipx/ansible-core) to uv tool with uninstall of old shims
…y as 'uv venv'/'uv python'\n\n- Prefer ~/.venvs/dev/bin/python or /home/sme/.local/share/uv/python/cpython-3.13.6-linux-x86_64-gnu/bin/python3.13 for installed Python\n- Show proper installed_method for uv-managed Python\n- Keeps PATH scan fallback for non-uv setups
…- Prefer ansible-community for community version; keep ansible-core CLI present\n- Ensure install_ansible.sh also installs ansible-core via uv to retain ansible shim\n- Detect uv-managed tools via real target path; refine pipx detection\n- Classify npm global installs (user/system) via node_modules real path\n- Improve unknown -> /home/.local/bin classification where appropriate
…Add installed_path_resolved and classification_reason in JSON output\n- Introduce CLI_AUDIT_DEBUG to surface suppressed exceptions\n- Refresh AUDIT_JSON after Ansible install in guide.sh\n- Refactor classification into helper for transparency
…asdf/shims and installs as 'asdf'\n- Classify ~/.nodenv/shims and versions as 'nodenv'
…t DPKG path/owner/version caches to CLI_AUDIT_DPKG_CACHE_LIMIT (default 1024)\n- Prevent unbounded growth during repeated audits
…install-method classifiers
…on' to avoid engine version
…ble; remove dead constant
…-origin caps; delegate http_get
…ual normalization
… Introduce COLLECT_ONLY/RENDER_ONLY env modes\n- Add snapshot write/read (tools_snapshot.json) with __meta__\n- Render audit strictly from snapshot in render-only mode\n- Persist upstream lookup method to latest_versions.json on success\n- Improve version detection flags (jq, fzf, ctags, ripgrep, ast-grep) and filter error/usage lines\n- Narrow state column and remove subheaders for compact table\n- Add readiness summary and optional streaming rows
Add comprehensive root agent guide covering: - Overview (Phase 1 complete, Phase 2 planned) - Setup with Python 3.10+ requirements - Build & tests (make audit, update, lint) - Code style (PEP 8, type hints, frozen dataclasses) - Security (HTTPS-only, no secrets, rate limiting) - PR/commit checklist (Conventional Commits) - Good vs bad examples (dataclasses, locks, parallelization) - When stuck (troubleshooting workflows) - House Rules (SOLID, DRY, KISS, testing, docs currency) Thin root file references scoped AGENTS.md files. Follows https://github.com/anthropics/claude-code convention. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Add comprehensive guide for 13+ installation scripts: - Overview (install/update/uninstall/reconcile actions) - Setup (INSTALL_PREFIX, FORCE_INSTALL, DEBUG) - Build & tests (individual scripts, Make targets, debug mode) - Code style (Bash 4.0+, set -euo pipefail, error handling) - Security (HTTPS downloads, checksum verification, sudo safety) - PR/commit checklist (shellcheck, test all actions) - Good vs bad examples (robust downloads, version comparison, cleanup) - When stuck (debug workflows, PATH issues, reconciliation) - House Rules (vendor tools preferred, parallel reconciliation) References Phase 2 ADRs for installation strategy decisions. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Runtime directories should not be tracked in version control: - config/: Contains runtime configuration (hypercorn.toml, secret keys) - logs/: Contains upgrade logs and runtime output 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
GNU Parallel is available via system package managers (apt, brew, dnf, pacman), no need for custom script installer. Fixes installation error: "Installer not found: scripts/installers/script.sh" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Prevents hangs when tools don't support --version flag or expect stdin input. Changes: - package_manager.sh: Added timeout 2 and </dev/null to version detection - github_release_binary.sh: Added timeout 2 and </dev/null to all version checks Fixes hang when installing tools like sponge that don't have --version flag and would wait for stdin input indefinitely. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
…tools Before: Confusing "Nothing to upgrade" message appeared after upgrading uv After: Clear messages showing: - "uv upgraded: X.Y.Z → A.B.C" when uv binary is upgraded - "uv already at latest version: X.Y.Z" when no upgrade needed - "Checking uv-managed tools..." before checking tool upgrades - "Nothing to upgrade" now clearly refers to uv-managed tools Changes: - self_update_uv(): Capture before/after versions and show upgrade status - upgrade_uv_tools(): Add context message before checking tools - Filter out "info:" progress messages from uv self update Fixes confusing UX where successful uv upgrade showed "Nothing to upgrade" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
…ode.js Problem: npm was detected as "bundled with runtime" and skipped upgrade Solution: Created npm_self_update.sh installer that uses 'npm install -g npm@latest' Changes: - scripts/installers/npm_self_update.sh: New installer for npm upgrades - catalog/npm.json: Switch from package_manager to npm_self_update method npm can be upgraded independently from Node.js, even though it comes bundled. This allows users to get the latest npm version without upgrading Node.js. Before: npm 11.6.1 → "Already available (bundled with runtime)" After: npm 11.6.1 → 11.6.2 "Successfully upgraded" 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Problem: Tools without --version flag (like sponge) couldn't report versions Solution: Added version_command field to catalog for custom version detection Changes: - package_manager.sh: Check for version_command field and eval if present - sponge.json: Added version_command using dpkg to get moreutils version This allows tools that are part of larger packages or don't have standard --version flags to still report their versions correctly. Before: [sponge] before: <none> / after: <none> After: [sponge] before: 0.69-1 / after: 0.69-1 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
GNU Parallel releases frequently (monthly), but system package managers are typically 1-2 years behind. Current versions: - apt/Ubuntu: 20231122 (Nov 2023) - Upstream: 20250922 (Sep 2025) Trade-off accepted: Simplicity via package manager vs latest version. Users needing absolute latest can install from GNU website. Note added to catalog with link to upstream for manual installation. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
Problem: codex fails with Python 3.14 due to removed pkgutil.get_loader() Solution: Pin codex to Python 3.13 via python_version catalog field Changes: - uv_tool.sh: Add support for python_version field with --python flag - uv_tool.sh: Add timeout to version detection to prevent hangs - codex.json: Pin to Python 3.13 with explanatory note Python 3.14 removed pkgutil.get_loader() which breaks codex's dependency 'confuse'. Pinning to 3.13 ensures compatibility until upstream fixes. Error before: AttributeError: module 'pkgutil' has no attribute 'get_loader' Expected after: codex runs successfully on Python 3.13 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
renovate
bot
force-pushed
the
renovate/configure
branch
2 times, most recently
from
4e71404 to
fc48743
Compare
Added 'make check-python-managers' command to detect multiple Python package managers (pip, pipx, uv) and guide users toward consolidation. Changes: - scripts/check_python_package_managers.sh: New health check script * Detects pip, pipx, and uv installations * Warns when multiple managers are present * Recommends consolidation to uv for 10-100x performance improvement * Provides migration commands for pipx and pip tools - Makefile: Added check-python-managers to .PHONY list - Makefile.d/user.mk: Added check-python-managers target Output scenarios: 1. Only uv: "✓ Only uv is installed - optimal configuration!" 2. Multiple managers: Warnings with migration guidance 3. No uv: Recommendation to install uv with benefits Helps users maintain a clean, fast Python tooling environment by avoiding conflicts between pip, pipx, and uv. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <[email protected]>
- Created scripts/check_node_package_managers.sh to detect npm/yarn/pnpm/bun - Warns about lock file conflicts and wasted disk space from multiple managers - Recommends priority: pnpm > bun > npm > yarn - Added make target: check-node-managers - Provides project-specific guidance for package manager selection
…de workflow - Added Stage 6: Package Manager Health Checks to upgrade-all workflow - Health checks run after all upgrades complete - Detects conflicts in Python package managers (pip/pipx/uv) - Detects conflicts in Node.js package managers (npm/yarn/pnpm/bun) - Provides migration guidance when conflicts are found - Health check results logged and reported in upgrade summary - Updated workflow description from 5-stage to 6-stage
- Added health checks to 'make update' after version data collection - Runs check-path, check-python-managers, and check-node-managers - Provides early warning about configuration issues before upgrades - All checks run with '|| true' to not block update process - Users get immediate feedback about PATH and package manager conflicts
- Created scripts/pin_version.sh to pin tools to specific versions - Created scripts/unpin_version.sh to remove version pins - Updated cli_audit.py to treat pinned tools as up-to-date - Modified guide.sh to prompt for pinning when: * User declines an upgrade * Upgrade fails or version doesn't change - Pinned versions stored in catalog JSON as 'pinned_version' field - Prevents repeated prompts for tools that can't be upgraded
- Changed prompt from [y/N] to [y/N/s/p]
- Added 's' option: Skip this specific version (pin to target, prompt if newer)
- Added 'p' option: Pin to current version (don't ask for upgrades)
- Display option explanations before prompt for clarity
- Removes need for secondary prompt after declining upgrade
- Options only shown when tool is already installed
Example:
Install/update? [y/N/s/p]
y = Install/upgrade now
N = Skip (ask again next time)
s = Skip version 6.2.0 (ask again if newer available)
p = Pin to 5.9.0 (don't ask for upgrades)
…ction Critical bug fix: - Used undefined PROJECT_ROOT variable in pinning code - Caused NameError exception for all tools during audit - Resulted in all tools showing as 'unknown' with no version info Fix: - Replaced PROJECT_ROOT with os.path.dirname(os.path.abspath(__file__)) - Use os.path.join() for cross-platform path construction - Now correctly loads catalog files to check for pinned_version Affected tools (now working again): - node, docker, docker-compose, bat, entr, parallel - And all other tools in the audit system
- Extended [y/N/s/p] prompt to non-installed tools
- Added 's' option for not-installed: Skip this version (prompt if newer)
- Added 'p' option for not-installed: Never install (permanently skip)
- When tool not installed and user selects 'p', pins to 'never'
- Updated audit to treat pinned_version='never' as UP-TO-DATE
- Suppresses install prompts for tools user doesn't want
User experience:
For installed tools:
p = Pin to current version (don't ask for upgrades)
For non-installed tools:
p = Never install (permanently skip this tool)
Example:
==> ❌ Ruby (rbenv)
installed: <none> via unknown
target: 3.4.7
Options:
y = Install/upgrade now
N = Skip (ask again next time)
s = Skip version 3.4.7 (ask again if newer available)
p = Never install (permanently skip this tool)
Install/update? [y/N/s/p]
Problem: - Tools with install_method='auto' (bat, ripgrep, etc.) were not upgrading - Reconcile system skipped reinstall when tool was via best method - guide.sh always called install_tool.sh without action parameter - Default action 'install' triggered reconcile mode which skipped upgrade Solution: 1. Pass actual action (install/update/reconcile) to reconcile_tool 2. Only skip reinstall if action is 'reconcile' (not update/install) 3. guide.sh now uses 'update' action for already-installed tools 4. Reconcile system reinstalls tool when action is update/install Result: - bat successfully upgrades: 0.25.0 → 0.26.0 - All auto-install tools now upgrade correctly - Reconcile action still skips if already via best method
- Load description and homepage from catalog using catalog_get_property - Display description below tool name if available - Display homepage as OSC8 hyperlink if available - Helps users understand what tools are before installing/upgrading
- Add pre-release filtering for Python in Atom feed fallback - Filter out alpha, beta, rc versions (e.g., v3.15.0a1, v3.14.0rc3) - Pick highest stable version by semantic version comparison - Fixes issue where Python 3.15.0a1 (alpha) was detected as latest - Now correctly identifies 3.14.0 as latest stable version The Atom feed fallback is used when GitHub API is rate-limited. Without this fix, pre-release versions would be treated as stable upgrades, prompting users to install alpha/beta Python versions.
- Extend pre-release filtering from Python-only to all GitHub repos - Filter out rc, alpha, beta suffixes (e.g., v29.0.0-rc.1, v3.15.0a1) - Accept only stable versions matching vX.Y or vX.Y.Z pattern - Pick highest stable version by semantic version comparison - Fixes Docker showing 29.0.0-rc.1 as upgrade target when 28.5.1 is latest stable The Atom feed is a fallback when GitHub API is rate-limited or /releases/latest doesn't exist. Pre-releases in the Atom feed would previously be treated as stable versions, causing incorrect upgrade prompts for alpha/beta/rc versions across all tools.
Updated hints for tools now using filtered Atom feed: - docker/cli: atom -> atom_filtered (filters v29.0.0-rc.1)
Snapshot now reflects pre-release filtering fixes: - Python: 3.14.0 (was showing 3.15.0a1 incorrectly) - Docker: 28.5.1 (was showing 29.0.0-rc.1 incorrectly) - Status updates from version pinning and testing
renovate
bot
force-pushed
the
renovate/configure
branch
from
fc48743 to
10dee9d
Compare
Renovate is disabledRenovate is disabled because there is no Renovate configuration file. To enable Renovate, you can either (a) change this PR's title to get a new onboarding PR, and merge the new onboarding PR, or (b) create a Renovate config file, and commit that file to your base branch. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.
🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.
Detected Package Files
.github/workflows/ci.yml(github-actions).github/workflows/release.yml(github-actions)package.json(npm)requirements-dev.txt(pip_requirements)pyproject.toml(poetry).python-version(pyenv)Configuration Summary
Based on the default config's presets, Renovate will:
fixfor dependencies andchorefor all others if semantic commits are in use.node_modules,bower_components,vendorand various test/tests (except for nuget) directories.🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to
renovate.jsonin this branch. Renovate will update the Pull Request description the next time it runs.What to Expect
With your current configuration, Renovate will create 7 Pull Requests:
chore(deps): update dependency @anthropic-ai/claude-code to v2.0.27
renovate/anthropic-ai-claude-code-2.x-lockfilemain2.0.27chore(deps): update dependency python to 3.14
renovate/python-3.xmain3.14chore(deps): update actions/checkout action to v5
renovate/actions-checkout-5.xmainv5chore(deps): update actions/setup-python action to v6
renovate/actions-setup-python-6.xmainv6chore(deps): update codecov/codecov-action action to v5
renovate/codecov-codecov-action-5.xmainv5chore(deps): update github artifact actions (major)
renovate/major-github-artifact-actionsmainv6v5chore(deps): update softprops/action-gh-release action to v2
renovate/softprops-action-gh-release-2.xmainv2🚸 Branch creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for
prhourlylimitfor details.❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.
This PR was generated by Mend Renovate. View the repository job log.