This is an automated email from the ASF dual-hosted git repository.
vlsi pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/jmeter.git
The following commit(s) were added to refs/heads/master by this push:
new e5a23bb285 chore(renovate): group Maven updates by groupId
e5a23bb285 is described below
commit e5a23bb2855cf422af69931be71d7525a1bc833e
Author: Vladimir Sitnikov <[email protected]>
AuthorDate: Wed Jun 3 09:20:27 2026 +0300
chore(renovate): group Maven updates by groupId
Renovate previously needed a separate packageRule for each groupId, and
security updates were never grouped: Renovate forces their groupName to
null, so log4j-core and log4j-1.2-api opened as separate PRs (#6691 and
#6690) even though both bump to the same 2.25.4.
Add a catch-all rule that groups every Maven update by its groupId, and a
vulnerabilityAlerts block that applies the same grouping to security
updates. Drop the per-groupId rules the catch-all now covers, keeping only
the rules that do more than restate a single groupId: groups that span
several groupIds (errorprone, classic commons, xalan/xerces, vlsi, helger,
gradle, kotlin), version pins (slf4j, xml-apis), disabled entries (guava,
internal src:protocol), and the GitHub Actions group.
Verified with renovate-config-validator and a `renovate --platform=local`
dry run: log4j keeps all four artifacts in one branch, and bouncycastle,
activemq, tika, commons, and lets-plot each stay grouped by groupId
through the catch-all.
Co-Authored-By: Claude Opus 4.8 <[email protected]>
---
renovate.json | 134 ++++------------------------------------------------------
1 file changed, 9 insertions(+), 125 deletions(-)
diff --git a/renovate.json b/renovate.json
index 4e0a4b8cfe..3ddbebc5a0 100644
--- a/renovate.json
+++ b/renovate.json
@@ -9,18 +9,17 @@
"schedule": [
"every 3 weeks on Monday"
],
+ "vulnerabilityAlerts": {
+ "description": "Security updates bypass the packageRules grouping below
(Renovate resets their groupName), so apply the same groupId grouping to them
here.",
+ "groupName": "{{{replace ':.*' '' depName}}} security"
+ },
"packageRules": [
{
- "groupName": "com.fasterxml.jackson.core",
- "matchPackageNames": [
- "com.fasterxml.jackson.core{/,}**"
- ]
- },
- {
- "groupName": "com.github.ben-manes.caffeine",
- "matchPackageNames": [
- "com.github.ben-manes.caffeine{/,}**"
- ]
+ "description": "Group every Maven update by its groupId by default. The
more specific rules below run later and override this where a group must span
several groupIds, pin a version, or stay disabled.",
+ "matchDatasources": [
+ "maven"
+ ],
+ "groupName": "{{{replace ':.*' '' depName}}}"
},
{
"groupName": "com.github.vlsi",
@@ -28,18 +27,6 @@
"com.github.vlsi{/,}**"
]
},
- {
- "groupName": "com.github.weisj",
- "matchPackageNames": [
- "com.github.weisj{/,}**"
- ]
- },
- {
- "groupName": "com.google.auto.service",
- "matchPackageNames": [
- "com.google.auto.service{/,}**"
- ]
- },
{
"groupName": "com.google.errorprone",
"matchPackageNames": [
@@ -79,25 +66,6 @@
"github/**"
]
},
- {
- "groupName": "io.burt",
- "matchPackageNames": [
- "io.burt{/,}**"
- ]
- },
- {
- "groupName": "net.minidev json-smart",
- "matchPackageNames": [
- "net.minidev:accessors-smart{/,}**",
- "net.minidev:json-smart{/,}**"
- ]
- },
- {
- "groupName": "com.miglayout",
- "matchPackageNames": [
- "com.miglayout{/,}**"
- ]
- },
{
"groupName": "commons-* (classic)",
"description": "Classic Apache Commons artifacts where groupId ==
artifactId",
@@ -110,72 +78,6 @@
"commons-net{/,}**"
]
},
- {
- "groupName": "org.ajoberstar.grgit",
- "matchPackageNames": [
- "org.ajoberstar.grgit{/,}**"
- ]
- },
- {
- "groupName": "org.apache.activemq",
- "matchPackageNames": [
- "org.apache.activemq{/,}**"
- ]
- },
- {
- "groupName": "org.apache.commons",
- "matchPackageNames": [
- "org.apache.commons{/,}**"
- ]
- },
- {
- "groupName": "org.apache.ftpserver",
- "matchPackageNames": [
- "org.apache.ftpserver{/,}**"
- ]
- },
- {
- "groupName": "org.apache.httpcomponents4",
- "matchPackageNames": [
- "org.apache.httpcomponents:{/,}**"
- ]
- },
- {
- "groupName": "org.apache.httpcomponents5",
- "matchPackageNames": [
- "org.apache.httpcomponents.client5:{/,}**"
- ]
- },
- {
- "groupName": "org.apache.logging.log4j",
- "matchPackageNames": [
- "org.apache.logging.log4j{/,}**"
- ]
- },
- {
- "groupName": "org.apache.tika",
- "matchPackageNames": [
- "org.apache.tika{/,}**"
- ]
- },
- {
- "groupName": "org.bouncycastle",
- "matchPackageNames": [
- "org.bouncycastle{/,}**"
- ]
- },
- {
- "groupName": "org.eclipse.jetty",
- "matchPackageNames": [
- "org.eclipse.jetty{/,}**"
- ]
- },
- {
- "groupName": "org.hamcrest",
- "matchPackageNames": [
- "org.hamcrest{/,}**"
- ]
- },
{
"groupName": "org.jetbrains.kotlin",
"description": "Kotlin compiler plugins (jvm, kapt, serialization, ...)
share a version",
@@ -183,24 +85,6 @@
"org.jetbrains.kotlin{/,}**"
]
},
- {
- "groupName": "org.jetbrains.lets-plot",
- "matchPackageNames": [
- "org.jetbrains.lets-plot{/,}**"
- ]
- },
- {
- "groupName": "org.jodd",
- "matchPackageNames": [
- "org.jodd{/,}**"
- ]
- },
- {
- "groupName": "org.openjdk.jmh",
- "matchPackageNames": [
- "org.openjdk.jmh{/,}**"
- ]
- },
{
"groupName": "org.slf4j",
"allowedVersions": "< 2.0.0",
