Renovate has support for updating the additional_dependencies in our pre-commit file too - https://docs.renovatebot.com/modules/manager/pre-commit/#additional-dependencies should we do it?

@harshil21 Yes, please 😍

Only thing Renovate is complaining about are chango and pyright-type-completeness job's @Bibo-Joshi you might want to check if you can fix it?

Branch Conflicted

⚠️ This PR has a merge conflict which Renovate is unable to automatically resolve, so updates to this PR description are now paused. Please resolve the merge conflict manually.

I'm happy with the current configuration. The only thing I can't seem to get working is making Renovate update both pre-commit version and pyproject version of a dependency in the same PR.

If any one of you can get that working, that would be great. I couldn't find any other projects which do that (maybe a global github search will help?)

Renovate doesn't tell me here if it would also update the lockfile with the dependency in the same PR, I hope it would.

I'm happy with the current configuration. The only thing I can't seem to get working is making Renovate update both pre-commit version and pyproject version of a dependency in the same PR.

If any one of you can get that working, that would be great. I couldn't find any other projects which do that (maybe a global github search will help?)

Renovate doesn't tell me here if it would also update the lockfile with the dependency in the same PR, I hope it would.

You can check if this PR created by Renovate is the way you want it:
Flexget/Flexget#4545

The configuration is also very straightforward:
https://github.com/Flexget/Flexget/blob/b7c856163930b3a9b13a8932cdcac4d44d761333/.github/renovate.json5#L56-L61

Thanks @vivodi that PR is what I want indeed. I noticed:

1. Renovate is updating the uv.lock file separately in a different PR.

2. The dependencies are manually matched in that configuration (i.e. they wrote "ruff", "astral-sh/ruff-pre-commit"). I hope to use matchDepTypes and matchManagers so it automatically finds all dependencies to group together in one PR. I actually think I just need to change the group name to something constant and not a template so they're grouped together?

Renovate is updating the uv.lock file separately in a different PR.

What do you mean?

In the Renovate PR I linked above, uv.lock was updated as part of the same PR. Flexget/Flexget#4545

The dependencies are manually matched in that configuration (i.e. they wrote "ruff", "astral-sh/ruff-pre-commit"). I hope to use matchDepTypes and matchManagers so it automatically finds all dependencies to group together in one PR. I actually think I just need to change the group name to something constant and not a template so they're grouped together?

Renovate can’t do this automatically because it has no way of knowing which Python package on PyPI corresponds to which GitHub repository. You can only group them together manually.

It is recommended to add https://github.com/renovatebot/pre-commit-hooks to prevent future erroneous changes to the Renovate configuration.

Thanks for the review @vivodi!

I had another question - would Renovate update the additional_dependencies in the pre-commit-config and pyproject.toml in the same PR, or would I need to explicitly list out each dependency like it was done in the config you linked?

In the Renovate PR I linked above, uv.lock was updated as part of the same PR

Uff yes 🤦🏽‍♂️ remind me to not open github on mobile when I'm away from a keyboard

Some more configuration decisions:

1. https://docs.renovatebot.com/faq/#tell-renovate-to-ask-for-approval-before-creating-a-pull-request though I don't know of any case where we would want to do this at the moment..

2. https://docs.renovatebot.com/noise-reduction/#automerging-and-scheduling. I think we should enable auto merges just so that lock file conflicts are reduced as they mention.

It is recommended to add https://github.com/renovatebot/pre-commit-hooks to prevent future erroneous changes to the Renovate configuration.

It seems that I can't use that new pre-commit hook - running into renovatebot/pre-commit-hooks#2983. Reverting.

Perhaps schema validation inside IDE's should do.

I had another question - would Renovate update the additional_dependencies in the pre-commit-config and pyproject.toml in the same PR, or would I need to explicitly list out each dependency like it was done in the config you linked?

• If you don’t use semantic commits, there will always be only one PR.
• If you do use semantic commits, two PRs will be created for minor or major updates, while only one PR will be created for patch updates.

The python-telegram-bot repository doesn’t use semantic commits, so you don’t need to worry about this — meaning you don’t need to manually group these dependencies together.

https://docs.renovatebot.com/faq/#tell-renovate-to-ask-for-approval-before-creating-a-pull-request though I don't know of any case where we would want to do this at the moment..

Since you don't know of any case where you would want to do this at the moment, I suggest not using the “Tell Renovate to ask for approval before creating a Pull Request” feature, as it often causes you to forget to update. There’s nothing wrong with letting Renovate always create updates automatically.

https://docs.renovatebot.com/noise-reduction/#automerging-and-scheduling. I think we should enable auto merges just so that lock file conflicts are reduced as they mention.

Regarding automatic updates, you can take a look at the Renovate settings in the FlexGet repository, which were mainly written by me:

https://github.com/Flexget/Flexget/blob/d0137d8dc87fa8dbb8fc394d67275e272fce052a/.github/renovate.json5#L5-L6
https://github.com/Flexget/Flexget/blob/d0137d8dc87fa8dbb8fc394d67275e272fce052a/.github/renovate.json5#L53-L54

If the python-telegram-bot repository hasn’t enabled “allow auto-merge” in its settings, automatic merging will only occur if all checks pass. Otherwise, you’ll need to set all checks to “Required.”

seems that I can't use that new pre-commit hook - running into renovatebot/pre-commit-hooks#2983. Reverting.

Renovate config validation can be done via GitHub Actions — you can check how it’s set up in the FlexGet repository. Restricting the trigger conditions won’t add any overhead.

https://github.com/Flexget/Flexget/blob/develop/.github/workflows/renovate-config-validation.yml

Renovate config validation can be done via GitHub Actions

I don't want to use more action minutes, some jobs already don't start instantly and wait for others to complete. I will instead use the skip config option in pre-commit.ci, so it won't run on CI but only locally.

The python-telegram-bot repository doesn’t use semantic commits, so you don’t need to worry about this — meaning you don’t need to manually group these dependencies together.

Thanks for the explanation.

We discussed a little more internally and decided to remove the pre-commit check locally too, since it would not be very useful. Any changes to the configuration would be in a new PR as outlined in the docs - https://docs.renovatebot.com/getting-started/installing-onboarding/#reconfigure-via-pr so invalid changes would be caught there too...