Skip to content

chore(deps): disable renovate for aws-config/aws-sdk-* crates#9052

Merged
jdx merged 2 commits intomainfrom
fix/renovate-ignore-aws-sdk
Apr 11, 2026
Merged

chore(deps): disable renovate for aws-config/aws-sdk-* crates#9052
jdx merged 2 commits intomainfrom
fix/renovate-ignore-aws-sdk

Conversation

@jdx
Copy link
Copy Markdown
Owner

@jdx jdx commented Apr 11, 2026
edited
Loading

Summary

  • Disable Renovate updates for aws-config and aws-sdk-* crates to prevent MSRV-breaking PRs
  • AWS SDK bumped their MSRV to 1.91.1, which exceeds our 1.88.0
  • Narrowly scoped to avoid blocking updates to aws-lc-rs (crypto library)

Test plan

  • Verify renovate.json is valid
  • Confirm lint passes locally

🤖 Generated with Claude Code

@jdx @claude
chore(deps): disable renovate for aws-* crates
d58d79b 
AWS SDK updates keep bumping past our MSRV (1.88.0). Disable
automatic updates for aws-* crates until we're ready to bump.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
gemini-code-assist[bot]
gemini-code-assist Bot reviewed Apr 11, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the Renovate configuration to disable updates for AWS SDK packages within the Cargo manager. The review feedback suggests adding a description to document the specific MSRV requirement causing this change and recommends using the dependency dashboard to track security updates rather than disabling them entirely.

Comment thread .github/renovate.json
Comment on lines +12 to +16
{
"matchPackageNames": ["aws-*"],
"matchManagers": ["cargo"],
"enabled": false
}
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot Apr 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Disabling updates entirely for these packages prevents Renovate from identifying security vulnerabilities and critical patches. While this is a necessary workaround for MSRV incompatibility, it is recommended to add a description field to the rule to document the reason (MSRV 1.91.1 requirement) for future maintainers. Alternatively, consider using dependencyDashboardApproval: true instead of enabled: false. This would prevent automatic PRs but still allow you to see and manually trigger updates from the Renovate dashboard, which is safer for tracking security fixes.

    {
      "description": "Disable AWS SDK updates due to MSRV 1.91.1 requirement (project is 1.88.0)",
      "matchPackageNames": ["aws-*"],
      "matchManagers": ["cargo"],
      "enabled": false
    }

@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps Bot commented Apr 11, 2026
edited
Loading

Greptile Summary

This PR adds a packageRules entry to .github/renovate.json to disable Renovate updates for aws-config and aws-sdk-* cargo crates, preventing MSRV-breaking PRs while the project's MSRV (1.88.0) is below the AWS SDK's new requirement (1.91.1). The rule uses specific package name patterns rather than a broad glob, correctly leaving aws-lc-rs eligible for continued Renovate updates, and the description field documents the re-enable condition.

Confidence Score: 5/5

This PR is safe to merge — it is a config-only change with no runtime code impact and all previously raised concerns have been addressed.

The change is a single-file Renovate config update. Both prior review concerns (broad aws-* glob and missing re-enable guidance) are resolved in this version: the pattern is narrowed to aws-config/aws-sdk-* (leaving aws-lc-rs updatable), and the description field documents when to re-enable. No P0 or P1 findings remain.

No files require special attention.

Important Files Changed

Filename Overview
.github/renovate.json Adds a targeted packageRule disabling Renovate updates for aws-config and aws-sdk-* cargo crates; aws-lc-rs is correctly excluded from the disable pattern and remains updatable.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Renovate scans Cargo.toml] --> B{Package name matches\naws-config or aws-sdk-*?}
    B -- Yes --> C[Rule: enabled=false\nSkip update PR]
    B -- No --> D{Other package\ne.g. aws-lc-rs}
    D --> E[Normal Renovate processing\nUpdate PRs opened as usual]
    C --> F[No PR opened\nUntil MSRV >= 1.91.1]
Loading

Reviews (2): Last reviewed commit: "chore(deps): narrow renovate rule to aws..." | Re-trigger Greptile

greptile-apps[bot]
greptile-apps Bot reviewed Apr 11, 2026
View reviewed changes
Comment thread .github/renovate.json Outdated
Comment thread .github/renovate.json
@jdx @claude
chore(deps): narrow renovate rule to aws-config/aws-sdk-* only
5b37817 
Address PR feedback: don't block aws-lc-rs updates (crypto library),
and add description for future maintainers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@jdx jdx changed the title chore(deps): disable renovate for aws-* crates chore(deps): disable renovate for aws-config/aws-sdk-* crates Apr 11, 2026
@jdx jdx merged commit 18f0edd into main Apr 11, 2026
24 of 25 checks passed
@jdx jdx deleted the fix/renovate-ignore-aws-sdk branch April 11, 2026 17:21
@mise-en-dev mise-en-dev mentioned this pull request Apr 11, 2026
Merged
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 11, 2026

Hyperfine Performance

mise x -- echo

Command Mean [ms] Min [ms] Max [ms] Relative
mise-2026.4.8 x -- echo 22.5 ± 0.5 21.6 23.9 1.00
mise x -- echo 22.6 ± 0.4 21.8 24.4 1.00 ± 0.03

mise env

Command Mean [ms] Min [ms] Max [ms] Relative
mise-2026.4.8 env 21.9 ± 0.7 21.0 27.7 1.00
mise env 22.4 ± 0.4 21.5 24.0 1.02 ± 0.04

mise hook-env

Command Mean [ms] Min [ms] Max [ms] Relative
mise-2026.4.8 hook-env 22.5 ± 0.4 21.7 24.7 1.00
mise hook-env 23.0 ± 0.4 22.0 25.0 1.02 ± 0.03

mise ls

Command Mean [ms] Min [ms] Max [ms] Relative
mise-2026.4.8 ls 19.9 ± 0.3 19.3 21.5 1.00
mise ls 20.3 ± 0.4 19.6 22.0 1.02 ± 0.03

xtasks/test/perf

Command mise-2026.4.8 mise Variance
install (cached) 150ms 148ms +1%
ls (cached) 78ms 78ms +0%
bin-paths (cached) 82ms 82ms +0%
task-ls (cached) 820ms 798ms +2%

mise-en-dev added a commit that referenced this pull request Apr 11, 2026
@mise-en-dev
chore: release 2026.4.9 (#9000)
fd18426 
### 🐛 Bug Fixes

- **(docs)** upgrade esbuild to 0.28.0 with es2022 build target by @jdx
in [#9047](#9047)
- **(env)** skip tools=true module hooks in dependency_env by @jdx in
[#9011](#9011)
- **(lockfile)** resolve SLSA provenance URLs deterministically for all
platforms by @cameronbrill in
[#8982](#8982)
- **(registry)** test of docuum in registry by @jylenhof in
[#8996](#8996)
- **(release)** publish extracted mise.exe alongside Windows zip by
@zeitlinger in [#8997](#8997)
- **(schema)** add missing config fields by @risu729 in
[#9044](#9044)
- **(task)** support sandbox fields in task templates by @risu729 in
[#9046](#9046)
- **(tasks)** respect env precedence for task config by @risu729 in
[#9039](#9039)
- prevent implicit enabling of `self_update` when rustls features are
enabled by @salim-b in [#9040](#9040)
- allow installing bun and others when downloads folder is on a
different mount by @bgeron in
[#9032](#9032)

### 📚 Documentation

- discourage direnv compatibility PRs and remove issue suggestions by
@jdx in
[ca78346](ca78346)
- tighten direnv compatibility language by @jdx in
[ab140c8](ab140c8)
- add Tera tip for unsupported version files by @risu729 in
[#9048](#9048)

### 📦️ Dependency Updates

- update ghcr.io/jdx/mise:deb docker digest to 49fa8a4 by @renovate[bot]
in [#8999](#8999)
- update ghcr.io/jdx/mise:copr docker digest to 61ba7b6 by
@renovate[bot] in [#8998](#8998)
- update ghcr.io/jdx/mise:copr docker digest to fa351ff by
@renovate[bot] in [#9002](#9002)
- update ghcr.io/jdx/mise:alpine docker digest to f3bb475 by
@renovate[bot] in [#9001](#9001)
- update ghcr.io/jdx/mise:rpm docker digest to d45af2d by @renovate[bot]
in [#9005](#9005)
- update ghcr.io/jdx/mise:deb docker digest to d7463ac by @renovate[bot]
in [#9004](#9004)
- update jdx/mise-action digest to 5228313 by @renovate[bot] in
[#9007](#9007)
- update rust docker digest to e8e2bb5 by @renovate[bot] in
[#9008](#9008)
- update taiki-e/install-action digest to 97a5807 by @renovate[bot] in
[#9010](#9010)
- update autofix-ci/action action to v1.3.3 by @renovate[bot] in
[#9015](#9015)
- update ubuntu:24.04 docker digest to 84e77de by @renovate[bot] in
[#9012](#9012)
- update actions/checkout action to v4.3.1 by @renovate[bot] in
[#9014](#9014)
- update ubuntu:26.04 docker digest to cc925e5 by @renovate[bot] in
[#9013](#9013)
- update rust crate tokio to v1.51.1 by @renovate[bot] in
[#9018](#9018)
- update rust crate zip to v8.5.1 by @renovate[bot] in
[#9019](#9019)
- update rust crate ctor to 0.9 by @renovate[bot] in
[#9024](#9024)
- update ubuntu docker tag to resolute-20260404 by @renovate[bot] in
[#9020](#9020)
- update dependency vitepress-plugin-tabs to ^0.8.0 by @renovate[bot] in
[#9023](#9023)
- update rust crate indexmap to v2.14.0 by @renovate[bot] in
[#9025](#9025)
- update rust crate nix to 0.31 by @renovate[bot] in
[#9030](#9030)
- update taiki-e/install-action digest to 7a4939c by @renovate[bot] in
[#9027](#9027)
- update dependency esbuild to v0.28.0 by @renovate[bot] in
[#9022](#9022)
- update rust crate rand to 0.10 by @renovate[bot] in
[#9031](#9031)
- update rust crate digest to 0.11.0 by @renovate[bot] in
[#9028](#9028)
- update rust crate confique to 0.4 by @renovate[bot] in
[#9026](#9026)
- update rust crate rattler to 0.40 by @renovate[bot] in
[#9034](#9034)
- lock file maintenance by @renovate[bot] in
[#8416](#8416)
- disable renovate for aws-config/aws-sdk-* crates by @jdx in
[#9052](#9052)
- update swatinem/rust-cache digest to e18b497 by @renovate[bot] in
[#9009](#9009)

### 📦 Registry

- remove broken tool tests by @jdx in
[#9017](#9017)
- update granted aqua backend repo by @risu729 in
[#9033](#9033)
- fix atlas-community test expected output by @jdx in
[#9054](#9054)

### Chore

- use deprecated_at! macro for ubi backend deprecation by @jdx in
[#9049](#9049)

### Security

- **(ci)** run test-tool inside Docker container by @jdx in
[#9055](#9055)
- **(ci)** avoid exposing MISE_GH_TOKEN to test-tool scripts by @jdx in
[#9053](#9053)

### New Contributors

- @bgeron made their first contribution in
[#9032](#9032)
- @salim-b made their first contribution in
[#9040](#9040)

## 📦 Aqua Registry Updates

#### Updated Packages (2)

-
[`cloudnative-pg/cloudnative-pg/kubectl-cnpg`](https://github.com/cloudnative-pg/cloudnative-pg/kubectl-cnpg)
- [`gleam-lang/gleam`](https://github.com/gleam-lang/gleam)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jdx