feat: Fix renovate-deps extractVersion handling#304
Open
zeitlinger wants to merge 1 commit into
Open
Conversation
zeitlinger
changed the title
zeitlinger
force-pushed
the
feat/zizmor
branch
5 times, most recently
from
88fbdfb to
2f892a3
Compare
Signed-off-by: Gregor Zeitlinger <gregor.zeitlinger@grafana.com>
Contributor
There was a problem hiding this comment.
Pull request overview
This PR enhances the renovate-deps linter to detect (and sometimes auto-fix) stalled Renovate updates caused by stale/mismatched extractVersion rules, with Biome as a motivating case, and updates Flint’s Renovate presets/config plus test coverage accordingly.
Changes:
- Extend Renovate snapshot extraction to capture
currentValue,currentVersion, andextractVersion, validateextractVersionconsistency, and strip lookup-only fields before writing the committed snapshot. - Add
--fixbehavior to append targetedpackageRules.extractVersionoverrides when Flint can infer a better regex, then re-run lookup. - Add unit + e2e/fixture coverage and align
default.jsonand.github/renovate.json5with an explicit Biome override; harden e2e git setup.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| tests/e2e.rs | Disables commit signing in temp repos to make e2e git commits reliable. |
| tests/cases/renovate-deps/extract-version-autofix/test.toml | New fixture asserting the extractVersion mismatch autofix flow and resulting config/snapshot behavior. |
| tests/cases/renovate-deps/extract-version-autofix/files/renovate.json5 | New empty starting Renovate config fixture for the autofix case. |
| tests/cases/renovate-deps/extract-version-autofix/files/mise.toml | New mise fixture containing a Biome tool version to exercise the failure mode. |
| src/registry/tests.rs | Adds an alignment assertion ensuring the Biome override stays consistent between default.json and .github/renovate.json5. |
| src/linters/renovate_deps/tests.rs | Adds unit tests for extended meta extraction, mismatch validation, and config patching. |
| src/linters/renovate_deps/snapshot.rs | Extends DepMeta to include lookup fields and adds stripping helpers to keep committed snapshots stable. |
| src/linters/renovate_deps/rules.rs | Introduces extractVersion mismatch detection/validation and inference logic for suggested overrides. |
| src/linters/renovate_deps/mod.rs | Wires mismatch detection + autofix patching into the linter execution flow and ensures lookup-only fields are stripped before writing. |
| docs/linters/renovate-deps.md | Documents the new extractVersion consistency check and the autofix behavior. |
| default.json | Adds explicit Biome extractVersion override in the shared Renovate preset. |
| .github/renovate.json5 | Mirrors the Biome override in the repo Renovate config to stay aligned with the shared preset. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+156
to
+176
| let Some(extracted) = extract_version_value(extract_version, current_version) | ||
| .with_context(|| format!("failed to evaluate extractVersion for dep {dep_name:?}"))? | ||
| else { | ||
| continue; | ||
| }; | ||
|
|
||
| if extracted == current_value { | ||
| continue; | ||
| } | ||
|
|
||
| mismatches.push(ExtractVersionMismatch { | ||
| dep_name, | ||
| package_name: meta.package_name.clone(), | ||
| current_value: current_value.to_string(), | ||
| current_version: current_version.to_string(), | ||
| extract_version: extract_version.to_string(), | ||
| suggested_extract_version: infer_extract_version_from_current( | ||
| current_version, | ||
| current_value, | ||
| ), | ||
| }); |
Comment on lines
+770
to
+773
| if changed { | ||
| std::fs::write(config_path, serde_json::to_string_pretty(&parsed)? + "\n") | ||
| .with_context(|| format!("failed to write {}", config_path.display()))?; | ||
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
extractVersionagainst lookup metadata inrenovate-depspackageRules.extractVersionoverrides when Flint can infer oneWhy
Some Renovate-managed mise dependencies can stall when the upstream tag format no longer matches the configured
extractVersion. Biome is one example: its GitHub tags don't match Renovate's generic aqua regex, so updates can silently stop.What changed
currentValue,currentVersion, andextractVersionin the tracked snapshot metadata used byrenovate-deps--fixmode, append a targetedpackageRulesoverride and rerun lookup when Flint can infer a better regexdefault.jsonand.github/renovate.json5with an explicit Biome overrideImpact
renovate-depsnow catches stalled updates caused by stale or overly genericextractVersionrulesflint run --fix renovate-depscan repair some of those cases automaticallyValidation
cargo test -p flint linters::renovate_deps::tests -- --nocaptureFLINT_CASES=renovate-deps/extract-version-autofix cargo test -p flint --test e2e cases -- --nocapturecargo test -p flint --test e2e renovate_deps_local_default_runs_for_deleted_tracked_file -- --nocapturemise run lint:fix