ci(renovate): group cargo / github-actions updates and enable lockFileMaintenance#1307
Merged
mergify[bot] merged 1 commit intomainfrom Apr 28, 2026
Conversation
Member
Author
|
This pull request is part of a Mergify stack:
|
This was referenced Apr 27, 2026
Contributor
Merge ProtectionsYour pull request matches the following merge protections and will not be merged until they are valid. 🟢 🤖 Continuous IntegrationWonderful, this rule succeeded.
🟢 👀 Review RequirementsWonderful, this rule succeeded.
🟢 Enforce conventional commitWonderful, this rule succeeded.Make sure that we follow https://www.conventionalcommits.org/en/v1.0.0/
🟢 🔎 ReviewsWonderful, this rule succeeded.
🟢 📕 PR descriptionWonderful, this rule succeeded.
|
There was a problem hiding this comment.
Pull request overview
Updates Renovate configuration to reduce dependency update PR noise as the Rust workspace grows, by grouping related updates and enabling periodic lockfile maintenance.
Changes:
- Enable Renovate
lockFileMaintenanceon a Monday-morning schedule. - Group
cargominor/patch updates into a single PR. - Group
github-actionsminor/patch updates into a single PR.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…eMaintenance The Rust workspace is growing fast — 5 crates already, more landing as the port progresses. Without grouping, every minor/patch bump from crates.io produces its own PR; with two managers (`cargo` and `github-actions`) on a stack of stacked PRs that quickly drowns review. - Group `cargo` minor/patch updates into a single weekly PR. - Group `github-actions` minor/patch updates the same way. - Enable `lockFileMaintenance` for `Cargo.lock` (Monday morning) so indirect dep drift doesn't accumulate between explicit Cargo.toml changes. Major bumps still get their own PR (default behaviour kept) so they stay easy to triage individually. Change-Id: I7506fae52e2c6bfb2c12af80391b1eb07a9b93f0
jd
force-pushed
the
devs/jd/worktree-rust-port/group-cargo-github-actions-updates-enable--7506fae5
branch
from
9931366 to
79c70aa
Compare
Member
Author
Revision history
|
kozlek
approved these changes
Apr 28, 2026
JulianMaurin
approved these changes
Apr 28, 2026
Contributor
Merge Queue Status
This pull request spent 35 seconds in the queue, including 2 seconds running CI. Required conditions to merge
|
mergify
Bot
deleted the
devs/jd/worktree-rust-port/group-cargo-github-actions-updates-enable--7506fae5
branch
38 tasks
mergify Bot
pushed a commit
that referenced
this pull request
Apr 28, 2026
….2b) (#1281) Adds the HTTP client every ported command uses. Wraps ``reqwest`` with the invariants the design requires: - Bearer-token auth injected when the token is non-empty; skipped otherwise so GitHub's anonymous public-repo reads still work. - Tenacity-style retry on 5xx and transient network errors: 3 attempts, exponential backoff starting at 1s. 4xx responses are never retried — those are caller errors and retrying would mask bugs. - Typed error mapping: HTTP failures become either ``CliError::GitHubApi`` or ``CliError::MergifyApi`` based on the ``ApiFlavor`` passed at construction, so ``exit_code()`` routes to ``GITHUB_API_ERROR`` (5) or ``MERGIFY_API_ERROR`` (6) automatically. - Per-request timeout of 30s. - ``RetryPolicy`` is public so tests can skip the wall-clock backoff with ``initial_backoff = 0``. Also extends ``CliError`` with the two new API variants and updates the ``exit_code()`` mapping + unit tests. Command crates MUST NOT import ``reqwest`` directly — the only HTTP surface is ``HttpClient::get`` and ``HttpClient::post``. 6 new tests cover: happy-path GET, empty-token behavior, POST with JSON body, retry on 5xx then success, exhausted retries mapping to ``MergifyApi``, 4xx not retried and mapping to ``GitHubApi``. All use ``wiremock`` for hermetic local HTTP. Next sub-phase (1.2c / 1.2d) adds colored/spinner affordances and the ``GitOps`` trait only when the first ported command needs them; this PR is the minimum ``config validate`` requires. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> Depends-On: #1307
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The Rust workspace is growing fast — 5 crates already, more landing as
the port progresses. Without grouping, every minor/patch bump from
crates.io produces its own PR; with two managers (
cargoandgithub-actions) on a stack of stacked PRs that quickly drowns review.cargominor/patch updates into a single weekly PR.github-actionsminor/patch updates the same way.lockFileMaintenanceforCargo.lock(Monday morning) soindirect dep drift doesn't accumulate between explicit Cargo.toml
changes.
Major bumps still get their own PR (default behaviour kept) so they
stay easy to triage individually.