You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
That makes it hard to manage and review updates efficiently. If some of these PRs are not needed (e.g. because Testcontainers wants to explicitly test against older versions), the update rules can be customized so Renovate simply won’t open them.
If no one is reviewing or merging these PRs, there's arguably no point in opening them at all.
That can slow down cloning and clutter GitHub’s UI. While it’s possible to work around this with filtering, Forking Renovate sidesteps the issue entirely—it creates branches in a forked repository, just like any external contributor would.
It’s possible to configure Renovate to detect versions in .properties, .java, and other files using regex. That means Renovate can raise PRs for those "hidden" dependencies too—helping keep the build secure and reducing the need for custom scripts or additional tooling.
Forking Renovate can update the Gradle wrapper (fully)
Renovate supports updating the Gradle version including the wrapper jar, the shell scripts (gradlew, gradlew.bat), and the distribution checksum.
That means the gradle-update/update-gradle-wrapper-action workflow is no longer necessary—Renovate handles it in a single, auditable PR.
This reduces maintenance overhead and keeps Gradle up to date in a reliable and automated way.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
Uh oh!
There was an error while loading. Please reload this page.
-
Hi everyone 👋
I'd like to propose replacing Dependabot with Forking Renovate in the Testcontainers project, and I believe it could bring some meaningful benefits:
Forking Renovate throttles PR creation
Right now, Dependabot has created 300+ open PRs:
👉 https://github.com/testcontainers/testcontainers-java/issues?q=is%3Apr+is%3Aopen+author%3Aapp%2Fdependabot
That makes it hard to manage and review updates efficiently. If some of these PRs are not needed (e.g. because Testcontainers wants to explicitly test against older versions), the update rules can be customized so Renovate simply won’t open them.
If no one is reviewing or merging these PRs, there's arguably no point in opening them at all.
Forking Renovate avoids polluting the main repository with branches
Right now, the repo has 400+ branches:
👉 https://github.com/testcontainers/testcontainers-java/branches
That can slow down cloning and clutter GitHub’s UI. While it’s possible to work around this with filtering, Forking Renovate sidesteps the issue entirely—it creates branches in a forked repository, just like any external contributor would.
Forking Renovate supports regex-based dependency detection
This can help in scenarios like the following:
👉 Update ryuk version to 0.12.0 #10357
👉 Latest kafka container 5.4.3 #3402
It’s possible to configure Renovate to detect versions in .properties, .java, and other files using regex. That means Renovate can raise PRs for those "hidden" dependencies too—helping keep the build secure and reducing the need for custom scripts or additional tooling.
Forking Renovate can update the Gradle wrapper (fully)
Renovate supports updating the Gradle version including the wrapper jar, the shell scripts (gradlew, gradlew.bat), and the distribution checksum.
That means the gradle-update/update-gradle-wrapper-action workflow is no longer necessary—Renovate handles it in a single, auditable PR.
This reduces maintenance overhead and keeps Gradle up to date in a reliable and automated way.
Beta Was this translation helpful? Give feedback.
All reactions