Merge branch 'main' of github.com:renovatebot/renovate into refactor/…

…replace-todo-with-issues

.github/ISSUE_TEMPLATE/bug_report.md

@@ -37,7 +37,7 @@ Copy/paste any log here, between the starting and ending backticks
 
 **Have you created a minimal reproduction repository?**
 
-Please read the [minimal reproductions documentation](https://github.com/renovatebot/renovate/blob/master/docs/development/minimal-reproductions.md) to learn how to make a good minimal reproduction repository.
+Please read the [minimal reproductions documentation](https://github.com/renovatebot/renovate/blob/main/docs/development/minimal-reproductions.md) to learn how to make a good minimal reproduction repository.
 
 - [ ] I have provided a minimal reproduction repository
 - [ ] I don't have time for that, but it happens in a public repository I have linked to

.github/auto-cancel-actions.yml

@@ -1,5 +1,5 @@
 version: 1
 push:
   branches:
-    - '!master'
+    - '!main'
 pull_request:

.github/contributing.md

@@ -16,7 +16,7 @@ If you've found a **bug** or have a **feature request** then please create an is
 ## Code
 
 If you would like to fix a bug or implement a feature, please fork the repository and create a Pull Request.
-More information on getting set up locally can be found in [docs/development/local-development.md](https://github.com/renovatebot/renovate/blob/master/docs/development/local-development.md).
+More information on getting set up locally can be found in [docs/development/local-development.md](https://github.com/renovatebot/renovate/blob/main/docs/development/local-development.md).
 
 Before you start any Pull Request, it's recommended that you create an issue to discuss first if you have any doubts about requirement or implementation.
 That way you can be sure that the maintainer(s) agree on what to change and how, and you can hopefully get a quick merge afterwards.

.github/label-actions.yml

@@ -8,7 +8,7 @@
     A minimal reproduction helps us with this.
 
 
-    To get started, please read our guide on [minimal reproductions](https://github.com/renovatebot/renovate/blob/master/docs/development/minimal-reproductions.md) to understand what is needed.
+    To get started, please read our guide on [minimal reproductions](https://github.com/renovatebot/renovate/blob/main/docs/development/minimal-reproductions.md) to understand what is needed.
 
 
     We may close the issue if you have not provided a minimal reproduction within two weeks.

.github/prettifier.yml

@@ -1,4 +1,4 @@
 commitMessage: 'Apply prettier formatting fix'
 excludeBranches:
-  - master
+  - main
 pullsOnly: true

.github/pull_request_template.md

@@ -24,7 +24,7 @@ I have verified these changes via:
 - [ ] No new tests but ran on a real repository, or
 - [ ] Both unit tests + ran on a real repository
 
-<!-- Do you have any suggestions about this PR template? Edit it here: https://github.com/renovatebot/renovate/edit/master/.github/pull_request_template.md -->
+<!-- Do you have any suggestions about this PR template? Edit it here: https://github.com/renovatebot/renovate/edit/main/.github/pull_request_template.md -->
 
 <!-- Please do not force push to your PR's branch after you have created your PR, as doing so forces us to review the whole PR again. This makes it harder for us to review your work because we don't know what has changed. -->
 <!-- PRs will always be squashed by us when we merge your work. Commit as many times as you need in this branch. -->

.github/workflows/build.yml

@@ -3,15 +3,23 @@ name: build
 on:
   push:
     branches:
-      - master
+      - main
+      - v24
 
   workflow_dispatch:
+    inputs:
+      dryRun:
+        description: 'Dry-Run'
+        default: 'true'
 
 env:
+  # Currently no way to detect automatically (#8153)
+  DEFAULT_BRANCH: main
   YARN_MODULES_CACHE_KEY: v1
   YARN_PACKAGE_CACHE_KEY: v1
   YARN_CACHE_FOLDER: .cache/yarn
   NODE_VERSION: 14
+  DRY_RUN: true
 
 jobs:
   test:
@@ -97,7 +105,8 @@ jobs:
         uses: codecov/codecov-action@v1.4.1
         if: always() && env.coverage == 'true'
 
-      # build after tests to exclude files
+      # build after tests to exclude build files from tests
+      # TODO: check if build before test speeds up tests
       - name: Build
         run: yarn build
 
@@ -178,6 +187,16 @@ jobs:
           yarn config set version-git-tag false
           npm config set scripts-prepend-node-path true
 
+      - name: Check dry run
+        run: |
+          if [[ "${{github.event_name}}" == "workflow_dispatch" && "${{ github.event.inputs.dryRun }}" != "true"  ]]; then
+            echo "DRY_RUN=false" >> $GITHUB_ENV
+          elif [[ "${{github.ref}}" == "refs/heads/${{env.DEFAULT_BRANCH}}" ]]; then
+            echo "DRY_RUN=false" >> $GITHUB_ENV
+          elif [[ "${{github.ref}}" =~ ^refs/heads/v[0-9]+(\.[0-9]+)?$ ]]; then
+            echo "DRY_RUN=false" >> $GITHUB_ENV
+          fi
+
       # full checkout for semantic-release
       - uses: actions/checkout@v2.3.4
         with:
@@ -193,10 +212,9 @@ jobs:
         run: yarn install --frozen-lockfile
 
       - name: semantic-release
-        if: github.ref == 'refs/heads/master'
         run: |
           echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> ~/.npmrc
-          npx semantic-release --dry-run ${{github.ref != 'refs/heads/master'}} --ci ${{github.ref == 'refs/heads/master'}}
+          npx semantic-release --dry-run ${{env.DRY_RUN}}
         env:
           GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/codeql-analysis.yml

@@ -2,10 +2,10 @@ name: 'Code scanning - action'
 
 on:
   push:
-    branches: [master]
+    branches: [main]
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [master]
+    branches: [main]
   schedule:
     - cron: '0 13 * * 1'
 

.github/workflows/release-npm.yml

@@ -1,13 +1,29 @@
 name: release-npm
+
 on:
   repository_dispatch:
     types: [renovate-release]
 
+  workflow_dispatch:
+    inputs:
+      sha:
+        description: 'Git sha to checkout'
+        required: true
+      version:
+        description: 'Version to release'
+        required: true
+      tag:
+        description: 'Npm dist-tag'
+        default: 'latest'
+
 env:
   YARN_MODULES_CACHE_KEY: v1
   YARN_PACKAGE_CACHE_KEY: v1
   YARN_CACHE_FOLDER: .cache/yarn
   NODE_VERSION: 14
+  GIT_SHA: ${{ github.event.client_payload.sha }}
+  NPM_VERSION: ${{ github.event.client_payload.version }}
+  NPM_TAG: ${{ github.event.client_payload.tag }}
 
 jobs:
   release-npm:
@@ -27,9 +43,17 @@ jobs:
           yarn config set version-git-tag false
           npm config set scripts-prepend-node-path true
 
+      - name: Prepare env
+        run: |
+          if [[ "${{github.event_name}}" == "workflow_dispatch" ]]; then
+            echo "GIT_SHA=${{ github.event.inputs.sha }}" >> $GITHUB_ENV
+            echo "NPM_VERSION=${{ github.event.inputs.version }}" >> $GITHUB_ENV
+            echo "NPM_TAG=${{ github.event.inputs.tag }}" >> $GITHUB_ENV
+          fi
+
       - uses: actions/checkout@v2.3.4
         with:
-          ref: ${{ github.event.client_payload.sha }}
+          ref: ${{ env.GIT_SHA }}
 
       - name: Cache Yarn packages
         id: yarn_cache_packages
@@ -41,16 +65,16 @@ jobs:
       - name: Installing dependencies
         run: yarn install --frozen-lockfile
 
-      - name: Build ${{ github.event.client_payload.version }}
+      - name: Build ${{ env.NPM_VERSION }}
         run: yarn build
 
-      - name: Prepare ${{ github.event.client_payload.version }}
+      - name: Prepare  ${{ env.NPM_VERSION }}
         run: |
-          npm --no-git-tag-version version ${{ github.event.client_payload.version }}
+          npm --no-git-tag-version version ${{ env.NPM_VERSION }}
 
-      - name: Publish ${{ github.event.client_payload.version }}
+      - name: Publish ${{ env.NPM_VERSION }}
         run: |
           echo '//registry.npmjs.org/:_authToken=${NPM_TOKEN}' >> ~/.npmrc
-          npm publish
+          npm publish --tag ${NPM_TAG:-latest}
         env:
           NPM_TOKEN: ${{ secrets.NPM_TOKEN }}

.github/workflows/ws_scan.yaml

@@ -2,7 +2,7 @@ name: whitesource-scan
 
 on:
   push:
-    branches: [master]
+    branches: [main]
 
 jobs:
   WS_SCAN:
@@ -14,4 +14,4 @@ jobs:
         run: curl -LJO https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar
 
       - name: Run UA scan
-        run: java -jar wss-unified-agent.jar -d $GITHUB_WORKSPACE -noConfig true -apiKey ${{ secrets.WS_ORG_TOKEN }} -product W4D -project "Renovate OS - master" -resolveAllDependencies false -npm_resolveDependencies true
+        run: java -jar wss-unified-agent.jar -d $GITHUB_WORKSPACE -noConfig true -apiKey ${{ secrets.WS_ORG_TOKEN }} -product W4D -project "Renovate OS - main" -resolveAllDependencies false -npm_resolveDependencies true

.releaserc

@@ -12,7 +12,7 @@
       "@semantic-release/exec",
       {
         "verifyConditionsCmd": "run-s verify",
-        "publishCmd": "run-s \"release -- {@}\" -- --release=${nextRelease.version} --sha=${nextRelease.gitHead}"
+        "publishCmd": "run-s \"release -- {@}\" -- --release=${nextRelease.version} --sha=${nextRelease.gitHead} --tag=${nextRelease.channel}"
       }
     ]
   ],
@@ -82,5 +82,15 @@
       }
     ]
   },
-  "tagFormat": "${version}"
+  "tagFormat": "${version}",
+  "branches": [
+    {
+      "name": "v24",
+      "range": "24.x",
+      "channel": "v24"
+    },
+    {
+      "name": "main"
+    }
+  ]
 }

docs/development/design-decisions.md

@@ -80,7 +80,7 @@ This allows users to close unwelcome upgrade PRs and not worry about them being
 With the default behavior of one branch per dependency, it's often the case that a PR gets merge conflicts after an adjacent dependency update is merged.
 Although platforms often have a web interface for simple merge conflicts, this is still annoying to resolve manually.
 
-`renovate` will rebase any unmergeable branches and add the latest necessary commit on top of the most recent `master` commit.
+`renovate` will rebase any unmergeable branches and add the latest necessary commit on top of the most recent `main` commit.
 
 Note: `renovate` will only do this if the original branch hasn't been modified by anyone else.
 

docs/development/local-development.md

@@ -75,7 +75,6 @@ The Renovate project uses the [Yarn](https://github.com/yarnpkg/yarn) package ma
 
 To ensure everything is working properly on your end, you must:
 
-1. Make sure you don't have a local `.npmrc` file that overrides npm's default registry
 1. Install all dependencies with `yarn install`
 1. Make a build with `yarn build`, which should pass with no errors
 1. Verify all tests pass and have 100% test coverage, by running `yarn test`
@@ -150,9 +149,9 @@ You usually don't need to fix any Prettier errors by hand.
 
 ## Keeping your Renovate fork up to date
 
-First of all, never commit to the `master` branch of your fork - always use a "feature" branch like `feat/1234-add-yarn-parsing`.
+First of all, never commit to the `main` branch of your fork - always use a "feature" branch like `feat/1234-add-yarn-parsing`.
 
-Make sure your fork is up to date with the Renovate `master` branch, check this each time before you create a new branch.
+Make sure your fork is up to date with the Renovate `main` branch, check this each time before you create a new branch.
 To do this, see these GitHub guides:
 
 [Configuring a remote for a fork](https://help.github.com/articles/configuring-a-remote-for-a-fork/)

docs/development/triage-guide.md

@@ -26,7 +26,7 @@ Don't be afraid to ask for help.
 ### Apply labels to issues
 
 All issues should have labels attached to them.
-Read the [issue-labeling guide](https://github.com/renovatebot/renovate/blob/master/docs/development/issue-labeling.md) to get all the necessary info.
+Read the [issue-labeling guide](https://github.com/renovatebot/renovate/blob/main/docs/development/issue-labeling.md) to get all the necessary info.
 
 In general try to make a good-faith effort to label things correctly.
 

docs/usage/config-presets.md

@@ -119,45 +119,6 @@ Parameters must be strings, non-quoted, and separated by commas if there are mor
 If you find that you are repeating config a lot, you might consider publishing one of these types of parameterised presets yourself.
 Or if you think your preset would be valuable for others, please contribute a PR to the Renovate repository.
 
-## How to Publish Preset Configs
-
-If you manage multiple repositories using Renovate and want the same custom config across all or most of them, then you might want to consider publishing your own preset config so that you can "extend" it in every applicable repository.
-That way when you want to change your Renovate configuration you can make the change in one location rather than having to copy/paste it to every repository individually.
-
-Let's say that your username on npm and elsewhere is "fastcore".
-In that case, you can choose between publishing your preset config package as `@fastcore/renovate-config` or `renovate-config-fastcore`.
-Let's assume you choose `renovate-config-fastcore` as the package name:
-
-You then need to publish the `renovate-config-fastcore` package where the `package.json` contains the field `renovate-config` and then put your config under the field `default`.
-For example:
-
-```json
-{
-  "name": "renovate-config-fastcore",
-  "version": "0.0.1",
-  ...
-  "renovate-config": {
-    "default": {
-      "extends": ["config:base", "schedule:nonOfficeHours"]
-    }
-  }
-}
-```
-
-Then in each of your repositories you can add your Renovate config like:
-
-```json
-  "extends": ["fastcore"]
-```
-
-Any repository including this config will then adopt the rules of the default `library` preset but schedule it on weeknights or weekends.
-
-Note: if you prefer to publish using the namespace `@fastcore/renovate-config` then you would use the `@` prefix instead:
-
-```json
-  "extends": ["@fastcore"]
-```
-
 ## GitHub-hosted Presets
 
 It is also possible to host your preset config using just a regular GitHub repository and without needing to publish it to npmjs.
@@ -236,3 +197,44 @@ For example the result may be:
   "extends": ["local>myorgname/.github:renovate-config"]
 }
 ```
+
+## npm-hosted presets
+
+Using npm-hosted presets is deprecated, we recommend you do not follow these instructions and instead use a `local` preset.
+
+If you manage multiple repositories using Renovate and want the same custom config across all or most of them, then you might want to consider publishing your own preset config so that you can "extend" it in every applicable repository.
+That way when you want to change your Renovate configuration you can make the change in one location rather than having to copy/paste it to every repository individually.
+
+Let's say that your username on npm and elsewhere is "fastcore".
+In that case, you can choose between publishing your preset config package as `@fastcore/renovate-config` or `renovate-config-fastcore`.
+Let's assume you choose `renovate-config-fastcore` as the package name.
+
+You then need to publish the `renovate-config-fastcore` package where the `package.json` contains the field `renovate-config` and then put your config under the field `default`.
+For example:
+
+```json
+{
+  "name": "renovate-config-fastcore",
+  "version": "0.0.1",
+  ...
+  "renovate-config": {
+    "default": {
+      "extends": ["config:base", "schedule:nonOfficeHours"]
+    }
+  }
+}
+```
+
+Then in each of your repositories you can add your Renovate config like:
+
+```json
+  "extends": ["fastcore"]
+```
+
+Any repository including this config will then adopt the rules of the default `library` preset but schedule it on weeknights or weekends.
+
+Note: if you prefer to publish using the namespace `@fastcore/renovate-config` then you would use the `@` prefix instead:
+
+```json
+  "extends": ["@fastcore"]
+```