Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Ugh, no.

Stopped using Renovate when I discovered that it will happily propose a PR update for completely incompatible and conflicting dependencies. It literally looks at the latest version of each dependency alone, without considering if this will make a conflict.

Author insists this is a problem with all package managers, that it's impossible to write a tool that doesn't behave like this, and that manually grouping dependencies or completely ignoring version updates until the next one is the only sensible approach.

This doesn't save me time.



> Author insists this is a problem with all package managers, that it's impossible to write a tool that doesn't behave like this

Is the author wrong? Dependabot functions the exact same way. How would you even go about solving this?


This is significant. Where did you read this? I found:

https://github.com/renovatebot/renovate/discussions/26917


I think it was in that repo discussions, but about IIRC Sphinx (whose plugins obviously depend on a specific version).

I imagine any plugin ecosystem of dependent packages would have the same issue.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: