Renovate Logo

Keep npm dependencies up-to-date

Designed with flexibility for your Pull Request workflow.

Screenshot

Intelligent, helpful onboarding

Enable Renovate risk-free to receive an onboarding Pull Request. It analyzes your repository and tells you what will happen next, so there's no surprises. Merge to start once you're happy with the results.

Screenshot

Unopinionated, highly flexible configuration

Modify any of Renovate's smart defaults with custom overrides at the repository, package file, dependency type, and package levels. The onboarding PR will update itself to reflect your new results.

{
  "pinVersions": false,
  "packageFiles": [{
    "packageFile": "backend/package.json",
    "pinVersions": true
  }],
  "depTypes": [{
    "depType": "dependencies",
    "pinVersions": false
  }],
  "packages": [{
    "packagePattern": "^angular.*",
    "groupName": "angular",
    "pinVersions": true
  }]
}

Support for monorepo directory structures

Renovate not only supports multiple package.json files in a repository - it will autodiscover them for you too, saving you from tedious configuration. Includes lerna and yarn workspaces support.

Monorepo

Automatic lock file support

Renovate will generate updated package-lock.json or yarn.lock files if you're already using them. And it can even keep them up to date in your master branch if you haven't updated package.json dependencies in a while.

Lock files

Ease the noise with custom schedules

Updating dependencies regularly is great, unless you start drowning in the noise. Throttle updates however you want with schedules, configurable right down to the per-package level.

{
  "timezone": "America/New_York",
  "schedule": "before 5am every weekday",
  "lockFileMaintenance": {
    "enabled": true,
    "schedule": "after 10pm on sunday"
  },
  "packages": [{
    "packageName": "aws-sdk",
    "schedule": "before 5am every wednesday"
  }]
}

Rules-based automerging

Merge some updates without human intervention if they pass tests and satisfy your automerge rules. Merge branches without Pull Requests for the ultimate noise-free updates.

Screenshot

Used on 1000+ projects on GitHub

Renovate is widely trusted by private and public users alike

What people are saying about @renovateapp:

Rob Dodson

Managing dependencies in my monorepo on GitHub has been made _much_ easier thanks to @renovateapp.

Rob Dodson - Developer Advocate @ Google

Vincent Voyer

@renovateapp is amazing, handles JavaScript apps, libraries and docker.yml dependencies pinning and auto upgrades, even monorepos and yarn

Vincent Voyer - Engineering Manager @ Algolia

Moshe Brevda

Renovate is crucial to the security and productivity of any project. It's ease of use and flexible configurability make it a breeze to set up and a pleasure to use!

Moshe Brevda - CTO @ Tarcha Group

Improve your dependency workflow today