Renovate Logo

Automated dependency updates, for humans

Receive customizable Pull Requests whenever your npm, Yarn, Meteor, Docker or Bazel dependencies need updating. Or whenever you want.


Installed on 5000+ projects on GitHub

Renovate is widely trusted by private and public users alike

Intelligent, helpful onboarding

Enable Renovate risk-free to receive an onboarding Pull Request. It analyzes your repository and tells you what will happen next, so there's no surprises. Merge to start once you're happy with the results.


Unopinionated, highly flexible configuration

Modify any of Renovate's smart defaults with custom overrides at the repository, package file, dependency type, and package levels. The onboarding PR will update itself to reflect your new results.

  "pinVersions": false,
  "packageFiles": [{
    "packageFile": "backend/package.json",
    "pinVersions": true
  "depTypes": [{
    "depType": "dependencies",
    "pinVersions": false
  "packages": [{
    "packagePattern": "^angular.*",
    "groupName": "angular",
    "pinVersions": true

Support for monorepo directory structures

Renovate not only supports multiple package.json files in a repository - it will autodiscover them for you too, saving you from tedious configuration. Includes lerna and yarn workspaces support.


Automatic lock file support

Renovate will generate updated package-lock.json or yarn.lock files if you're already using them. And it will immediately resolve any lock file conflicts as you begin merging PRs.

Lock files

Ease the noise with custom schedules

Updating dependencies regularly is great, unless you start drowning in the noise. Throttle updates however you want with schedules, configurable right down to the per-package level.

  "timezone": "America/New_York",
  "schedule": "before 5am every weekday",
  "lockFileMaintenance": {
    "enabled": true,
    "schedule": "after 10pm on sunday"
  "packages": [{
    "packageName": "aws-sdk",
    "schedule": "before 5am every wednesday"

Rules-based automerging

Merge some updates without human intervention if they pass tests and satisfy your automerge rules. Merge branches without Pull Requests for the ultimate noise-free updates.


What people are saying about @renovateapp:

Rob Dodson

Managing dependencies in my monorepo on GitHub has been made _much_ easier thanks to @renovateapp.

Rob Dodson - Developer Advocate @ Google

Vincent Voyer

@renovateapp is amazing, handles JavaScript apps, libraries and docker.yml dependencies pinning and auto upgrades, even monorepos and yarn

Vincent Voyer - Engineering Manager @ Algolia

Moshe Brevda

Renovate is crucial to the security and productivity of any project. It's ease of use and flexible configurability make it a breeze to set up and a pleasure to use!

Moshe Brevda - CTO @ Tarcha Group

Improve your dependency workflow today