chore: Add upper bounds dependencies file to renovate config#12562
chore: Add upper bounds dependencies file to renovate config#12562
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request updates the renovate.json configuration to group dependencies found in dependencies.txt. The review feedback correctly identifies that the new configuration block is misplaced within the regexManagers array instead of packageRules and lacks the required regex definitions to actually discover and parse the dependencies from the file.
|
/gemini review |
There was a problem hiding this comment.
Code Review
This pull request updates the Renovate configuration to include a new dependency file, sdk-platform-java/dependencies.txt, and migrates managerFilePatterns to fileMatch across several custom managers. A review comment suggests refining the regex used for parsing the new dependency file to be more restrictive and robust against unintended matches.
| { | ||
| "customType": "regex", | ||
| "fileMatch": ["sdk-platform-java/dependencies.txt"], | ||
| "matchStrings": ["(?<depName>.*),(.*)=(?<currentValue>.*)"], |
There was a problem hiding this comment.
The regular expression (?<depName>.*),(.*)=(?<currentValue>.*) is overly broad and potentially fragile. Because .* is greedy and matches almost any character, it could capture leading/trailing whitespace or match unintended lines (such as comments containing a comma and an equals sign). Using more restrictive character classes like [^,\s]+ ensures that Renovate captures only valid package names and versions, preventing lookup failures.
"matchStrings": ["(?<depName>[^,\s]+),[^=\s]+=(?<currentValue>[^\s]+)"],
2 participants
No description provided.