Skip to content

Automated Dependency Updates for npm

Categories: js

Renovate supports updating npm dependencies.

File Matching

By default, Renovate will check any files matching any of the following regular expressions:

(^|/)package\.json$
(^|/)pnpm-workspace\.yaml$

For details on how to extend a manager's fileMatch value, please follow this link.

Supported datasources

This manager supports extracting the following datasources: github-tags, npm, node-version.

Default config

{
  "fileMatch": [
    "(^|/)package\\.json$",
    "(^|/)pnpm-workspace\\.yaml$"
  ],
  "digest": {
    "prBodyDefinitions": {
      "Change": "{{#if displayFrom}}`{{{displayFrom}}}` -> {{else}}{{#if currentValue}}`{{{currentValue}}}` -> {{/if}}{{/if}}{{#if displayTo}}`{{{displayTo}}}`{{else}}`{{{newValue}}}`{{/if}}"
    }
  },
  "prBodyDefinitions": {
    "Change": "[{{#if displayFrom}}`{{{displayFrom}}}` -> {{else}}{{#if currentValue}}`{{{currentValue}}}` -> {{/if}}{{/if}}{{#if displayTo}}`{{{displayTo}}}`{{else}}`{{{newValue}}}`{{/if}}]({{#if depName}}https://renovatebot.com/diffs/npm/{{replace '/' '%2f' depName}}/{{{currentVersion}}}/{{{newVersion}}}{{/if}})"
  }
}

Additional Information

The following depTypes are currently supported by the npm manager :

  • dependencies
  • devDependencies
  • optionalDependencies
  • peerDependencies
  • engines : Renovate will update any node, npm and yarn version specified under engines.
  • volta : Renovate will update any node, npm, pnpm and yarn version specified under volta.
  • packageManager
  • overrides
  • resolutions
  • pnpm.overrides
  • pnpm.catalog.<name>, such as pnpm.catalog.default and pnpm.catalog.myCatalog. Matches any default and named pnpm catalogs.

Yarn

Version Selection / Installation

If Renovate detects a packageManager setting for Yarn in package.json then it will use Corepack to install Yarn.

HTTP Proxy Support

Yarn itself does not natively recognize/support the HTTP_PROXY and HTTPS_PROXY environment variables.

You can configure RENOVATE_X_YARN_PROXY=true as an environment variable to enable configuring of Yarn proxy (e.g. if you cannot configure these proxy settings yourself in ~/.yarnrc.yml).

If set, and Renovate detects Yarn 2+, and one or both of those variables are present, then Renovate will run commands like yarn config set --home httpProxy http://proxy prior to executing yarn install. This will result in the ~/.yarnrc.yml file being created or modified with these settings, and the settings are not removed afterwards.

Configuration/conversion of NO_PROXY to Yarn config is not supported.