Renovate Probe

Bots are used to automate tasks in a plugin. The Plugin Health Scoring System tracks usage of two bots - Dependabot and Renovate.

Dependabot looks for dependencies that are outdated in a plugin. It can also raise a security alert if a security breach is found, like when the code depends on an insecure package.

Renovate provides automated dependency updates. It can also schedule PRs and customize behavior using configuration files.

This is a community requested probe to track the usage of Renovate. Bot tracking probes help in identifying which bot is used most by the plugins. In the future, the probe will aid in decision-making when the need arises to add or remove a bot.

The pull requests created by Renovate will be counted when scoring the probe.

Dependabot and Renovate probes both had similar functionality: finding their respective configuration in GitHub workflow.

Implementing the solution with the correct class design was a major challenge while working on this probe.

Having implemented a similar class in the Security Scan probe, this probe was easy to complete. The probe has been successfully merged and pushed into production. The probe will help identify usage of Renovate in plugins.

For more information or to find answers to any questions you might have, please visit the official GSoC 2023 project Adding Probes to "Plugin Health Score" description page.