Skip to content

ci: Replace Dependabot with Renovate#7645

Merged
matthewelwell merged 3 commits into
mainfrom
ci/dependabot-to-renovate
Jun 1, 2026
Merged

ci: Replace Dependabot with Renovate#7645
matthewelwell merged 3 commits into
mainfrom
ci/dependabot-to-renovate

Conversation

@matthewelwell
Copy link
Copy Markdown
Contributor

@matthewelwell matthewelwell commented May 29, 2026
edited
Loading

Thanks for submitting a PR! Please check the boxes below:

  • I have read the Contributing Guide.
  • I have added information to docs/ if required so people know about the feature.
  • I have filled in the "Changes" section below.
  • I have filled in the "How did you test this code" section below.

Changes

Replaces Dependabot with the Renovate GitHub App:

  • Removes .github/dependabot.yml
  • Adds renovate.json configured for security-only updates, with per-area reviewers and labels matching the previous Dependabot config (uv/api → back-end team, frontend npm → front-end team, docs npm → docs team)

Motivation: Dependabot stopped recognising this as a Python repo after the migration to uv, reporting "not a Python repo" on security alerts. Renovate has more robust uv support.

The Renovate GitHub App is already installed on the org, so no additional workflow is needed.

Note: Once merged, I'll need to:

  • Add this repository to the renovate app here
  • Disable dependabot from running on this repository here

How did you test this code?

Renovate will self-verify on merge by picking up renovate.json and running its first scan.

@matthewelwell matthewelwell requested a review from a team as a code owner May 29, 2026 16:04
@matthewelwell matthewelwell requested review from Zaimwa9 and removed request for a team May 29, 2026 16:04
@vercel
Copy link
Copy Markdown

vercel Bot commented May 29, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

3 Skipped Deployments
Project Deployment Actions Updated (UTC)
docs Ignored Ignored Preview Jun 1, 2026 9:25am
flagsmith-frontend-preview Ignored Ignored Preview Jun 1, 2026 9:25am
flagsmith-frontend-staging Ignored Ignored Preview Jun 1, 2026 9:25am

Request Review

@matthewelwell matthewelwell requested review from khvn26 and removed request for Zaimwa9 May 29, 2026 16:05
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 29, 2026
edited
Loading

Docker builds report

Image Build Status Security report
ghcr.io/flagsmith/flagsmith-api-test:pr-7645 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-e2e:pr-7645 Finished ✅ Skipped
ghcr.io/flagsmith/flagsmith-frontend:pr-7645 Finished ✅ Results
ghcr.io/flagsmith/flagsmith:pr-7645 Finished ✅ Results
ghcr.io/flagsmith/flagsmith-api:pr-7645 Finished ✅ Results
ghcr.io/flagsmith/flagsmith-private-cloud:pr-7645 Finished ✅ Results

@github-actions github-actions Bot added the ci-cd Build, test and deployment related label May 29, 2026
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 29, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request deletes the Dependabot configuration file, which previously managed dependency updates for the Python API (using uv) and frontend/docs (using npm). There are no review comments, and we have no feedback to provide.

@matthewelwell @claude
ci: Remove redundant reviewers from renovate.json
ad16b58 
CODEOWNERS already maps each directory to the correct team.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions github-actions Bot added ci-cd Build, test and deployment related and removed ci-cd Build, test and deployment related labels May 29, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 29, 2026
edited
Loading

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  38.5 seconds
commit  cd1852f
info  🔄 Run: #17113 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  43.7 seconds
commit  cd1852f
info  🔄 Run: #17113 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  3 passed

Details

stats  3 tests across 3 suites
duration  30.1 seconds
commit  cd1852f
info  🔄 Run: #17113 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  19.3 seconds
commit  cd1852f
info  🔄 Run: #17113 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  39 seconds
commit  ad16b58
info  🔄 Run: #17114 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  43.9 seconds
commit  ad16b58
info  🔄 Run: #17114 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  42 seconds
commit  ad16b58
info  🔄 Run: #17114 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  37.4 seconds
commit  ad16b58
info  🔄 Run: #17114 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  38.9 seconds
commit  f9d7402
info  🔄 Run: #17126 (attempt 1)

Playwright Test Results (oss - depot-ubuntu-latest-arm-16)

passed  1 passed

Details

stats  1 test across 1 suite
duration  44.3 seconds
commit  f9d7402
info  🔄 Run: #17126 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-arm-16)

passed  3 passed

Details

stats  3 tests across 3 suites
duration  40.6 seconds
commit  f9d7402
info  🔄 Run: #17126 (attempt 1)

Playwright Test Results (private-cloud - depot-ubuntu-latest-16)

passed  2 passed

Details

stats  2 tests across 2 suites
duration  43.5 seconds
commit  f9d7402
info  🔄 Run: #17126 (attempt 1)

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented May 29, 2026
edited
Loading

Visual Regression

19 screenshots compared. See report for details.
View full report

@codecov
Copy link
Copy Markdown

codecov Bot commented May 29, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 98.52%. Comparing base (482f0ff) to head (f9d7402).
⚠️ Report is 19 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff            @@
##             main    #7645    +/-   ##
========================================
  Coverage   98.51%   98.52%            
========================================
  Files        1439     1443     +4     
  Lines       54690    55047   +357     
========================================
+ Hits        53880    54237   +357     
  Misses        810      810

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

emyller
emyller previously approved these changes May 29, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@emyller emyller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Lezz go!!!

(one question)

Comment thread renovate.json Outdated
khvn26
khvn26 reviewed May 29, 2026
View reviewed changes
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
Comment thread renovate.json Outdated
@matthewelwell @claude
ci: Apply review suggestions to renovate.json
f9d7402 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
@github-actions github-actions Bot added ci-cd Build, test and deployment related and removed ci-cd Build, test and deployment related labels Jun 1, 2026
khvn26
khvn26 approved these changes Jun 1, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@khvn26 khvn26 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@matthewelwell matthewelwell merged commit 5b4dff0 into main Jun 1, 2026
33 checks passed
@matthewelwell matthewelwell deleted the ci/dependabot-to-renovate branch June 1, 2026 10:44
@flagsmithdev flagsmithdev mentioned this pull request Jun 1, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khvn26 khvn26 khvn26 approved these changes

@emyller emyller emyller left review comments

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

ci-cd Build, test and deployment related

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@matthewelwell @emyller @khvn26