11## Motivation
22
3- ![ ] ( 170_supply_chain_security/renovate/dependencies_stability_features .drawio.svg ) <!-- .element: style="float: right; width: 40%;" -->
3+ ![ ] ( 170_supply_chain_security/renovate/forces .drawio.svg ) <!-- .element: style="float: right; width: 40%;" -->
44
55Dependencies add reusable components
66
@@ -222,13 +222,13 @@ Filter log for errors / failures for...
222222- Permission issues
223223- Rate limits
224224
225- XXX open PRs
225+ Check for failed pipelines
226226
227- ### Up-to-dateness
227+ Check for failed automerges
228228
229- Failures will show in the log
229+ ### Up-to-dateness / Security
230230
231- ### Security
231+ Failures will show in the log
232232
233233Create and analyze SBOM
234234
@@ -287,9 +287,7 @@ Supported ecosystems: Go, JavaScript, Java, Python, .NET, PHP, Ruby
287287
288288Show updates addressing security alerts [ ] ( https://docs.renovatebot.com/configuration-options/#vulnerabilityalerts )
289289
290- Integrates with GitHub and Dependabot
291-
292- XXX new feature... open issue?
290+ Requires GitHub and Dependabot
293291
294292### Requirements
295293
@@ -301,9 +299,21 @@ Enable alert from Dependabot [](https://docs.github.com/en/repositories/managing
301299
302300## Testing the Renovate configuration
303301
304- XXX isolate change in separate repo
302+ Configuration changes * will* break Renovate
303+
304+ ### Isolate the change
305+
306+ Factor out the change
305307
306- XXX ` --platform=local `
308+ Test in a separate repository
309+
310+ (Optionally) run Renovate manually for speed
311+
312+ ### Test locally
313+
314+ Do not commit changes
315+
316+ Run Renovate locally using ` --platform=local `
307317
308318---
309319
@@ -327,8 +337,6 @@ Detailed comparison [](https://docs.renovatebot.com/bot-comparison/)
327337
328338## Case study: uniget
329339
330- XXX improve value proposition
331-
332340### Installer and updater for (container) tools
333341
334342Checkout uniget.dev [ ] ( https://uniget.dev )
0 commit comments