Skip to content

docs(plan): reconcile PLAN.md with shipped Renovate adoption (ADR-0004)#28

Merged
NWarila merged 1 commit into
mainfrom
docs/round3-plan-renovate
May 29, 2026
Merged

docs(plan): reconcile PLAN.md with shipped Renovate adoption (ADR-0004)#28
NWarila merged 1 commit into
mainfrom
docs/round3-plan-renovate

Conversation

@NWarila
Copy link
Copy Markdown
Owner

@NWarila NWarila commented May 29, 2026

Summary

Round-3 doc-accuracy fix (AUDIT-2026-05-28 round 2). PLAN.md still asserted Dependabot as the chosen dependency-update tool, contradicting the shipped state after PR #27 (merged): this repo adopted Renovate (.github/renovate.json5) and removed Dependabot (.github/dependabot.yml deleted), per ADR-0004.

Verified current state before editing:

  • gh api .../contents/.github/renovate.json5 -> exists
  • gh api .../contents/.github/dependabot.yml -> 404

Stale references reconciled

Where Before After
Resolved Decision #5 "Dependabot, not Renovate." "Renovate, not Dependabot." — superseded by ADR-0004, cites renovate.json5 config + PR #27 removal
Phase 2 TODO [ ] Add Dependabot version updates... [x] done via Renovate (ADR-0004), not Dependabot
Security policy "Use Dependabot version updates..." "Use Renovate version updates (.github/renovate.json5, per ADR-0004)..."
uv pilot "not locked yet" "Dependabot support exists, but..." "Dependency-bot support exists (the repo uses Renovate per ADR-0004...)..."
uv security-surface caveat "Dependabot alerts and updates" "Dependabot security alerts (advisory visibility; version updates handled by Renovate per ADR-0004)"

Left as historical (intentional)

The Research Anchors bibliography (lines ~1085-1165) records docs reviewed during planning, including the uv+Dependabot and uv+Renovate integration links and the "GitHub Dependabot for Actions" doc. These are accurate tool-capability statements and genuine planning history — not false current-state assertions — so they are preserved.

Validation

  • markdownlint-cli2 PLAN.md (repo .markdownlint-cli2.jsonc) -> 0 errors
  • diff --stat: PLAN.md | 30 +++--, 19 insertions(+), 11 deletions(-)

DO NOT MERGE.

🤖 Generated with Claude Code

@NWarila @claude
docs(plan): reconcile PLAN.md with shipped Renovate adoption (ADR-0004)
dbd4b2f 
PLAN.md still asserted Dependabot as the chosen dependency-update tool,
contradicting the shipped state after PR #27 (Renovate adopted via
.github/renovate.json5, .github/dependabot.yml removed, per ADR-0004).

Per AUDIT-2026-05-28 round 2, reconcile the stale references:
- Resolved Decision #5 "Dependabot, not Renovate" -> "Renovate, not
  Dependabot", marked superseded by ADR-0004.
- Phase 2 TODO "Add Dependabot version updates" -> marked done via Renovate.
- Security policy "Use Dependabot version updates" -> "Use Renovate".
- uv-pilot caveats clarified to reflect Renovate as the dependency bot.

Research Anchors bibliography (uv+dependabot/renovate doc links, Dependabot
for Actions docs) left as historical research notes; their takeaways are
accurate tool-capability statements, not current-state assertions.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
@NWarila NWarila merged commit becfa00 into main May 29, 2026
13 checks passed
@NWarila NWarila deleted the docs/round3-plan-renovate branch May 29, 2026 02:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@NWarila