pgjdbc/pgjdbc GitHub issues and pull requests (mirror)
help / color / mirror / Atom feedFrom: vlsi (@vlsi) <[email protected]>
To: pgjdbc/pgjdbc <[email protected]>
Subject: [pgjdbc/pgjdbc] PR #4184: ci: group Renovate updates by Maven groupId
Date: Mon, 15 Jun 2026 13:29:19 +0000
Message-ID: <[email protected]> (raw)
## What
- Add a default `packageRule` that groups every Maven update by its `groupId` using `{{{replace ':.*' '' depName}}}`.
- Apply the same grouping to security updates via `vulnerabilityAlerts`, since Renovate resets their `groupName` and would otherwise open one PR per artifact.
- Remove redundant single-`groupId` rules now covered by the default (`logback`, `com.github.vlsi`, `jmh`, `com.gradleup.nmcp`, `pax-exam`).
## Why
Previously each grouped dependency needed its own `packageRule` listing the package prefix. Grouping by `groupId` by default keeps related artifacts in a single PR automatically and trims the config.
## Kept on purpose
Rules that do more than group remain:
- `checkerframework`, `junit-bom` — pin `allowedVersions`.
- `org.postgresql:postgresql`, `system-stubs-jupiter` — version-specific enable/disable.
## Notes
Validated with `renovate-config-validator`. Approach mirrors apache/jmeter#6710.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
diff --git a/renovate.json b/renovate.json
index 49a325d3f4..641088b4a4 100644
--- a/renovate.json
+++ b/renovate.json
@@ -9,18 +9,17 @@
"schedule": [
"every 3 weeks on Monday"
],
+ "vulnerabilityAlerts": {
+ "description": "Security updates bypass the packageRules grouping below (Renovate resets their groupName), so apply the same groupId grouping to them here.",
+ "groupName": "{{{replace ':.*' '' depName}}} security"
+ },
"packageRules": [
{
- "groupName": "logback",
- "matchPackageNames": [
- "ch.qos.logback{/,}**"
- ]
- },
- {
- "groupName": "com.github.vlsi",
- "matchPackageNames": [
- "com.github.vlsi{/,}**"
- ]
+ "description": "Group every Maven update by its groupId by default. The more specific rules below run later and override this where a group must span several groupIds, pin a version, or stay disabled.",
+ "matchDatasources": [
+ "maven"
+ ],
+ "groupName": "{{{replace ':.*' '' depName}}}"
},
{
"groupName": "checkerframework",
@@ -29,12 +28,6 @@
],
"allowedVersions": "<4.0.0"
},
- {
- "groupName": "jmh",
- "matchPackageNames": [
- "org.openjdk.jmh{/,}**"
- ]
- },
{
"groupName": "junit-bom",
"matchPackageNames": [
@@ -42,18 +35,6 @@
],
"allowedVersions": "<6.0.0"
},
- {
- "groupName": "com.gradleup.nmcp",
- "matchPackageNames": [
- "com.gradleup.nmcp{/,}**"
- ]
- },
- {
- "groupName": "pax-exam",
- "matchPackageNames": [
- "org.ops4j.pax.exam{/,}**"
- ]
- },
{
"matchPackageNames": [
"org.postgresql:postgresql"
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: github://pgjdbc/pgjdbc
Cc: [email protected], [email protected]
Subject: Re: [pgjdbc/pgjdbc] PR #4184: ci: group Renovate updates by Maven groupId
In-Reply-To: <<[email protected]>>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox