Skip to content

fix: GH-06 accept Renovate as alternative to Dependabot#39

Merged
CybotTM merged 1 commit into
mainfrom
fix/gh06-renovate
Mar 15, 2026
Merged

fix: GH-06 accept Renovate as alternative to Dependabot#39
CybotTM merged 1 commit into
mainfrom
fix/gh06-renovate

Conversation

@CybotTM

@CybotTM CybotTM commented Mar 15, 2026

Copy link
Copy Markdown
Member

Summary

  • feat: add Go project CI checklist and related skills section #6 checkpoint produced false positives on repos using Renovate instead of Dependabot
  • Changed from file_exists (only .github/dependabot.yml) to command check that accepts any of: dependabot.yml, renovate.json, .github/renovate.json, .renovaterc.json, .renovaterc

Test plan

  • Verify checkpoint passes on a repo with .github/dependabot.yml
  • Verify checkpoint passes on a repo with renovate.json
  • Verify checkpoint warns on a repo with neither

The file_exists check only looked for .github/dependabot.yml, producing
false positives on repos using Renovate for dependency updates. Switch to
a command check that accepts dependabot.yml, renovate.json,
.github/renovate.json, .renovaterc.json, or .renovaterc.

Signed-off-by: Sebastian Mendel <info@sebastianmendel.de>
@gemini-code-assist

Copy link
Copy Markdown
Contributor

Summary of Changes

Hello, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses an issue where the GH-6 checkpoint incorrectly flagged repositories using Renovate for dependency management as not having any automation configured. The change updates the checkpoint's logic to recognize both Dependabot and Renovate configuration files, ensuring accurate assessment of dependency update automation presence.

Highlights

Changelog
Activity
  • No human activity has been recorded on this pull request yet.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request correctly extends the GH-06 checkpoint to support Renovate as an alternative to Dependabot for dependency management. The change from a file_exists check to a command check is appropriate for handling multiple possible configuration files. I've added one suggestion to improve the completeness and readability of the shell command used for the check.

Comment thread skills/github-project/checkpoints.yaml
@CybotTM CybotTM merged commit 9902c7b into main Mar 15, 2026
4 checks passed
@CybotTM CybotTM deleted the fix/gh06-renovate branch March 15, 2026 09:36
CybotTM added a commit that referenced this pull request May 2, 2026
Adds a package.json so the skill is npm-installable straight from this
GitHub repo (no npm-registry publication required to start). README
gains a parallel 'npm (Node Projects)' section under Installation,
mirroring the existing 'Composer (PHP Projects)' section.

Same pattern applied to git-workflow-skill (PR #39) and on the
coordinator side at netresearch/node-agent-skill-coordinator. Version
stays at 0.0.0-source until npm publication is decided separately.

Signed-off-by: Sebastian Mendel <sebastian.mendel@netresearch.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant