AI Skill Report Card
Cherry Picking Renovate Commits
YAML--- name: cherry-picking-renovate-commits description: Cherry picks Renovate dependency update commits into grouped branches to minimize pipeline failures. Use when processing multiple Renovate PRs that need selective grouping. --- # Cherry Picking Renovate Commits
Quick Start15 / 15
Bash# Create grouped branch for low-risk updates git checkout -b renovate/grouped-minor-updates git cherry-pick <commit-hash-1> <commit-hash-2> <commit-hash-3> git push origin renovate/grouped-minor-updates
Recommendation▾
Consider adding example command outputs to show what successful cherry-picks look like
Workflow15 / 15
Progress:
- List all pending Renovate PRs
- Categorize updates by risk level
- Create grouped branches by category
- Cherry pick commits into appropriate groups
- Test each group independently
- Merge successful groups
1. Analyze Renovate PRs
Bash# List all renovate branches git branch -r | grep renovate | head -20 # Check commit details for each PR git log --oneline renovate/branch-name
2. Categorize by Risk
Low Risk Group (patch updates, dev dependencies):
- Patch version bumps (1.2.3 → 1.2.4)
- DevDependencies updates
- Documentation tools
Medium Risk Group (minor updates, test tools):
- Minor version bumps (1.2.3 → 1.3.0)
- Testing frameworks
- Build tools
High Risk Group (major updates, core dependencies):
- Major version bumps (1.2.3 → 2.0.0)
- Runtime dependencies
- Framework updates
3. Create Grouped Branches
Bash# Low risk batch git checkout main git pull origin main git checkout -b renovate/batch-low-risk-$(date +%Y%m%d) # Medium risk batch git checkout main git checkout -b renovate/batch-medium-risk-$(date +%Y%m%d) # High risk (individual branches) git checkout main git checkout -b renovate/high-risk-framework-update
4. Cherry Pick Strategy
Bash# Get commit hash from renovate branch git log --oneline renovate/update-dependency-name # Cherry pick into group branch git checkout renovate/batch-low-risk-20240115 git cherry-pick abc1234 # The actual update commit, not merge commits # For multiple related commits git cherry-pick abc1234 def5678 ghi9012
5. Verify Groups
Bash# Check what's included in the batch git log --oneline main..HEAD # Run quick validation npm ci && npm test # or your pipeline equivalent
Recommendation▾
Include a troubleshooting section for common cherry-pick conflicts and their resolutions
Examples18 / 20
Example 1: Grouping Patch Updates
Input: 5 Renovate PRs with patch updates (lodash 4.17.20→4.17.21, axios 0.24.0→0.24.1, etc.)
Output: Single branch renovate/batch-patches-20240115 with all 5 commits cherry-picked
Example 2: Isolating Major Update
Input: React 17→18 upgrade PR
Output: Individual branch renovate/react-18-upgrade with careful testing
Example 3: Dev Dependency Batch
Input: 8 devDependency updates (eslint, prettier, jest plugins)
Output: Branch renovate/batch-dev-deps-20240115 grouping all dev tools
Recommendation▾
Add a template for commit message format when creating grouped branches
Best Practices
- Group by blast radius: Low-risk patches together, isolate breaking changes
- Limit batch size: Max 10 updates per group to aid debugging
- Preserve commit messages: Use
git cherry-pickto maintain Renovate's descriptive messages - Test incrementally: Run CI after each cherry-pick if pipeline is fast
- Name branches descriptively: Include date and risk level in branch names
- Check for conflicts: Some updates may conflict when combined
Common Pitfalls
- Don't cherry-pick merge commits: Pick the actual update commits, not GitHub's merge commits
- Don't mix risk levels: Keep major updates isolated from patches
- Don't ignore peer dependencies: Group related dependency updates together
- Don't skip conflict resolution: Address cherry-pick conflicts immediately
- Don't batch breaking changes: Major version bumps should be individual PRs
- Don't forget to update package-lock.json: Some cherry-picks may need lockfile regeneration