Automated dependency updates with Renovate

Keeping track with all the updates of dependencies we use is way to time consuming.


In most of our project we use Renovate for automated updates of dependencies. Renovate itself is a very configurable open-source script written in TypeScript. It can be used as a free hosted service with GitHub, but we normally run it self-hosted inside Gitlab CI. In order to do its job, renovate first needs credentials to access our projects on GitLab (Other platforms are also supported). With these credentials it then downloads the code of each project and starts searching for supported Managers like npm, gradle or cargo. It then builds a list with all the used dependencies and there version.

Cool configuration options

There are lots of options that can be used to configuration what exactly renovate should do for each project.

With the usage of 'packageRules' it is also possible to use specific configuration for a subset of dependencies.

Other Automated dependency update tools

We chose renovate way back because of the Gitlab support and free hosting. So far we never had a reason to think about switching away from renovate but there are now even more tools for this job.


  1. All our projects in active development should use renovate for automated version updates.
  2. All our projects should have a .renovaterc.json configuration file.
  3. Have a look at our Internal Setup


Zur Übersicht

Standort Hannover

newcubator GmbH
Bödekerstraße 22
30161 Hannover

Standort Dortmund

newcubator GmbH
Westenhellweg 85-89
44137 Dortmund