[Renovate] - Enhance dependency ownership checks#231962
Merged
legrego merged 5 commits intoelastic:mainfrom Aug 28, 2025
Merged
[Renovate] - Enhance dependency ownership checks#231962legrego merged 5 commits intoelastic:mainfrom
legrego merged 5 commits intoelastic:mainfrom
Conversation
…d renovate rules detection and update labels for risk assessment
legrego
added
Team:Security
Contributor
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]
History
|
Contributor
|
Pinging @elastic/kibana-security (Team:Security) |
jeramysoucy
requested changes
Aug 28, 2025
jeramysoucy
approved these changes
Aug 28, 2025
Contributor
💚 Build Succeeded
Metrics [docs]Page load bundle
History
|
Contributor
|
Starting backport for target branches: 8.18, 8.19, 9.1 https://github.com/elastic/kibana/actions/runs/17306969892 |
Contributor
💔 All backports failed
Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
legrego
added a commit
to legrego/kibana
that referenced
this pull request
Aug 29, 2025
This pull request improves the dependency ownership tooling and documentation by enhancing error detection for Renovate rules, updating labels to use `upgrade-risk` instead of `risk`, and cleaning up unused dependencies and rules. The main changes are grouped below. **Dependency Ownership Tooling Improvements:** * Added detection and reporting of invalid Renovate rules that declare packages not found in `package.json`, with CLI and test updates to surface these errors. (`packages/kbn-dependency-ownership/src/dependency_ownership.ts`, `packages/kbn-dependency-ownership/src/cli.ts`, `packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134) [[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203) [[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53) [[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72) [[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) * Extended the Renovate rule filter to ignore rules using custom managers (e.g., GitHub Actions), ensuring only supported rules are processed. (`packages/kbn-dependency-ownership/src/rule.ts`) **Documentation and Label Updates:** * Updated documentation and configuration to replace the `risk` label with `upgrade-risk` for consistency and clarity. (`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`) [[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173) [[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324) **Renovate Rule and Dependency Cleanup:** * Removed unused dependencies and rules from `renovate.json` and `package.json`, including several loader and type packages, and reorganized some group names and labels for clarity. (`renovate.json`, `package.json`) [[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72) [[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173) [[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746) **Configuration Parsing Enhancements:** * Updated config parsing to include `resolutions` from `package.json` for more accurate dependency checks. (`packages/kbn-dependency-ownership/src/parse_config.ts`) [[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20) [[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43) **Test Coverage Expansion:** * Added and improved tests to verify detection of invalid Renovate rules and proper filtering of disabled or custom-manager rules. (`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40) [[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) These changes enhance the reliability and clarity of dependency ownership checks and Renovate rule management. (cherry picked from commit d82fc92)
legrego
added a commit
to legrego/kibana
that referenced
this pull request
Aug 29, 2025
This pull request improves the dependency ownership tooling and documentation by enhancing error detection for Renovate rules, updating labels to use `upgrade-risk` instead of `risk`, and cleaning up unused dependencies and rules. The main changes are grouped below. **Dependency Ownership Tooling Improvements:** * Added detection and reporting of invalid Renovate rules that declare packages not found in `package.json`, with CLI and test updates to surface these errors. (`packages/kbn-dependency-ownership/src/dependency_ownership.ts`, `packages/kbn-dependency-ownership/src/cli.ts`, `packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134) [[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203) [[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53) [[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72) [[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) * Extended the Renovate rule filter to ignore rules using custom managers (e.g., GitHub Actions), ensuring only supported rules are processed. (`packages/kbn-dependency-ownership/src/rule.ts`) **Documentation and Label Updates:** * Updated documentation and configuration to replace the `risk` label with `upgrade-risk` for consistency and clarity. (`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`) [[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173) [[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324) **Renovate Rule and Dependency Cleanup:** * Removed unused dependencies and rules from `renovate.json` and `package.json`, including several loader and type packages, and reorganized some group names and labels for clarity. (`renovate.json`, `package.json`) [[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72) [[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173) [[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746) **Configuration Parsing Enhancements:** * Updated config parsing to include `resolutions` from `package.json` for more accurate dependency checks. (`packages/kbn-dependency-ownership/src/parse_config.ts`) [[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20) [[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43) **Test Coverage Expansion:** * Added and improved tests to verify detection of invalid Renovate rules and proper filtering of disabled or custom-manager rules. (`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40) [[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) These changes enhance the reliability and clarity of dependency ownership checks and Renovate rule management. (cherry picked from commit d82fc92) # Conflicts: # package.json
Member
Author
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
legrego
added a commit
that referenced
this pull request
Aug 29, 2025
…3529) # Backport This will backport the following commits from `main` to `9.1`: - [[Renovate] - Enhance dependency ownership checks (#231962)](#231962) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Larry Gregory","email":"larry.gregory@elastic.co"},"sourceCommit":{"committedDate":"2025-08-28T20:19:23Z","message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","backport:prev-minor","backport:prev-major","v9.2.0"],"title":"[Renovate] - Enhance dependency ownership checks","number":231962,"url":"https://github.com/elastic/kibana/pull/231962","mergeCommit":{"message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/231962","number":231962,"mergeCommit":{"message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7"}}]}] BACKPORT-->
ymao1
pushed a commit
to ymao1/kibana
that referenced
this pull request
Aug 29, 2025
This pull request improves the dependency ownership tooling and documentation by enhancing error detection for Renovate rules, updating labels to use `upgrade-risk` instead of `risk`, and cleaning up unused dependencies and rules. The main changes are grouped below. **Dependency Ownership Tooling Improvements:** * Added detection and reporting of invalid Renovate rules that declare packages not found in `package.json`, with CLI and test updates to surface these errors. (`packages/kbn-dependency-ownership/src/dependency_ownership.ts`, `packages/kbn-dependency-ownership/src/cli.ts`, `packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134) [[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203) [[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53) [[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72) [[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) * Extended the Renovate rule filter to ignore rules using custom managers (e.g., GitHub Actions), ensuring only supported rules are processed. (`packages/kbn-dependency-ownership/src/rule.ts`) **Documentation and Label Updates:** * Updated documentation and configuration to replace the `risk` label with `upgrade-risk` for consistency and clarity. (`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`) [[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173) [[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324) **Renovate Rule and Dependency Cleanup:** * Removed unused dependencies and rules from `renovate.json` and `package.json`, including several loader and type packages, and reorganized some group names and labels for clarity. (`renovate.json`, `package.json`) [[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72) [[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231) [[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654) [[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777) [[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173) [[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746) **Configuration Parsing Enhancements:** * Updated config parsing to include `resolutions` from `package.json` for more accurate dependency checks. (`packages/kbn-dependency-ownership/src/parse_config.ts`) [[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20) [[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43) **Test Coverage Expansion:** * Added and improved tests to verify detection of invalid Renovate rules and proper filtering of disabled or custom-manager rules. (`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`) [[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40) [[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120) These changes enhance the reliability and clarity of dependency ownership checks and Renovate rule management.
kibanamachine
added
the
backport missing
Contributor
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
8 tasks
legrego
added a commit
that referenced
this pull request
Sep 2, 2025
…3530) # Backport This will backport the following commits from `main` to `9.0`: - [[Renovate] - Enhance dependency ownership checks (#231962)](#231962) <!--- Backport version: 10.0.1 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Larry Gregory","email":"larry.gregory@elastic.co"},"sourceCommit":{"committedDate":"2025-08-28T20:19:23Z","message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["Team:Security","release_note:skip","backport:prev-minor","backport:prev-major","v9.2.0"],"title":"[Renovate] - Enhance dependency ownership checks","number":231962,"url":"https://github.com/elastic/kibana/pull/231962","mergeCommit":{"message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/231962","number":231962,"mergeCommit":{"message":"[Renovate] - Enhance dependency ownership checks (#231962)\n\nThis pull request improves the dependency ownership tooling and\ndocumentation by enhancing error detection for Renovate rules, updating\nlabels to use `upgrade-risk` instead of `risk`, and cleaning up unused\ndependencies and rules. The main changes are grouped below.\n\n**Dependency Ownership Tooling Improvements:**\n\n* Added detection and reporting of invalid Renovate rules that declare\npackages not found in `package.json`, with CLI and test updates to\nsurface these errors.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.ts`,\n`packages/kbn-dependency-ownership/src/cli.ts`,\n`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R110-R134)\n[[2]](diffhunk://#diff-c5dc715085771090ec5994cb4ee3ead140b72e42cc79290ba8ea95d62fe8e571R197-R203)\n[[3]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL49-R53)\n[[4]](diffhunk://#diff-bd67d71b8125f465a67bb6c6ef93e341f553f0584aab086fdd8e0876e3ea3c0eL59-R72)\n[[5]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n* Extended the Renovate rule filter to ignore rules using custom\nmanagers (e.g., GitHub Actions), ensuring only supported rules are\nprocessed. (`packages/kbn-dependency-ownership/src/rule.ts`)\n\n**Documentation and Label Updates:**\n\n* Updated documentation and configuration to replace the `risk` label\nwith `upgrade-risk` for consistency and clarity.\n(`dev_docs/contributing/third_party_dependencies.mdx`, `renovate.json`)\n[[1]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L173-R173)\n[[2]](diffhunk://#diff-b59b40c70511ae917f0ad9b9fa04c533253b92199a6b9ead6d0755d6f57c81d3L188-R188)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L530-R523)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L597-R590)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L2332-R2324)\n\n**Renovate Rule and Dependency Cleanup:**\n\n* Removed unused dependencies and rules from `renovate.json` and\n`package.json`, including several loader and type packages, and\nreorganized some group names and labels for clarity. (`renovate.json`,\n`package.json`)\n[[1]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L52-L72)\n[[2]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L231)\n[[3]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L661-R654)\n[[4]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L785-R777)\n[[5]](diffhunk://#diff-7b5c8955fc544a11b4b74eddb4115f9cc51c9cf162dbffa60d37eeed82a55a57L1154-L1173)\n[[6]](diffhunk://#diff-7ae45ad102eab3b6d7e7896acd08c427a9b25b346470d7bc6507b6481575d519L1746)\n\n**Configuration Parsing Enhancements:**\n\n* Updated config parsing to include `resolutions` from `package.json`\nfor more accurate dependency checks.\n(`packages/kbn-dependency-ownership/src/parse_config.ts`)\n[[1]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R20)\n[[2]](diffhunk://#diff-047e08324c0973a44d942ff32611200c2cd13ac56d9678ad232622093abc5069R41-R43)\n\n**Test Coverage Expansion:**\n\n* Added and improved tests to verify detection of invalid Renovate rules\nand proper filtering of disabled or custom-manager rules.\n(`packages/kbn-dependency-ownership/src/dependency_ownership.test.ts`)\n[[1]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3R22-R40)\n[[2]](diffhunk://#diff-b57928a4400275ad152ccab121e0745fa94387095458007b2b7187234e44c2b3L83-R120)\n\nThese changes enhance the reliability and clarity of dependency\nownership checks and Renovate rule management.","sha":"d82fc929a11a6f78f0a5cd931d8ab7c3085406f7"}}]}] BACKPORT-->
kibanamachine
added
v9.0.7
and removed
backport missing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request improves the dependency ownership tooling and documentation by enhancing error detection for Renovate rules, updating labels to use
upgrade-riskinstead ofrisk, and cleaning up unused dependencies and rules. The main changes are grouped below.Dependency Ownership Tooling Improvements:
package.json, with CLI and test updates to surface these errors. (packages/kbn-dependency-ownership/src/dependency_ownership.ts,packages/kbn-dependency-ownership/src/cli.ts,packages/kbn-dependency-ownership/src/dependency_ownership.test.ts) [1] [2] [3] [4] [5]packages/kbn-dependency-ownership/src/rule.ts)Documentation and Label Updates:
risklabel withupgrade-riskfor consistency and clarity. (dev_docs/contributing/third_party_dependencies.mdx,renovate.json) [1] [2] [3] [4] [5]Renovate Rule and Dependency Cleanup:
renovate.jsonandpackage.json, including several loader and type packages, and reorganized some group names and labels for clarity. (renovate.json,package.json) [1] [2] [3] [4] [5] [6]Configuration Parsing Enhancements:
resolutionsfrompackage.jsonfor more accurate dependency checks. (packages/kbn-dependency-ownership/src/parse_config.ts) [1] [2]Test Coverage Expansion:
packages/kbn-dependency-ownership/src/dependency_ownership.test.ts) [1] [2]These changes enhance the reliability and clarity of dependency ownership checks and Renovate rule management.