├── README.md
├── assets
    └── merge-confidence.png
└── beta.json


/README.md:
--------------------------------------------------------------------------------
  1 | # Repository Deprecation Notice
  2 | 
  3 | **Deprecation Notice:** Although still supported, the method specified in the rest of this `README.md` file for enabling Merge Confidence badges is no longer the preferred approach.
  4 | 
  5 | For up-to-date instructions, we highly recommend referring to the official [documentation](https://docs.renovatebot.com/merge-confidence/).
  6 | 
  7 | # Merge Confidence
  8 | 
  9 | Look at the Merge Confidence badges before merging to:
 10 | 
 11 | - Prevent updates which break in production
 12 | - See at a glance if you should update
 13 | 
 14 | Merge Confidence finds and flags undeclared breaking releases.
 15 | It analyzes test and release adoption data across Mend Renovate’s early-adopting user base.
 16 | 
 17 | ![Renovate PR with Merge Confidence badges](https://raw.githubusercontent.com/whitesource/merge-confidence/main/assets/merge-confidence.png)
 18 | 
 19 | ## Pull request badges
 20 | 
 21 | Merge Confidence adds the following badges to your pull requests:
 22 | 
 23 | - **Age**: The age of the package
 24 | - **Adoption**: The percentage of this package's users (within Renovate) which are using this release
 25 | - **Passing**: The percentage of updates which have passing tests for this package
 26 | - **Confidence**: The confidence level for this update
 27 | 
 28 | ## Supported platforms
 29 | 
 30 | Merge Confidence badges for pull requests are available in beta on any supported Renovate platform, including Mend Remediate.
 31 | 
 32 | ## Supported languages
 33 | 
 34 | Data is available for packages from:
 35 | 
 36 | - npm
 37 | - Maven
 38 | - PyPI
 39 | 
 40 | We plan to support more languages soon.
 41 | 
 42 | ## Enabling and disabling
 43 | 
 44 | If you use the Mend Renovate App (formerly WhiteSource Renovate App) then the badges are enabled automatically.
 45 | 
 46 | If you don't use the app, you can enable the badges by adding this to your Renovate config:
 47 | 
 48 | ```json
 49 | "extends": ["github>whitesource/merge-confidence:beta"]
 50 | ```
 51 | 
 52 | If you want to disable the badges in the app, add this to your config:
 53 | 
 54 | ```json
 55 | "ignorePresets": ["github>whitesource/merge-confidence:beta"]
 56 | ```
 57 | 
 58 | ## Confidence levels and their meaning
 59 | 
 60 | Merge Confidence uses the following confidence levels:
 61 | 
 62 | - **Low**: We think the update contains breaking changes. Often this is expected because it's a Major version update, but updates can have unknown breaking changes.
 63 | 
 64 | - **Neutral**: We don't have enough data about the update, or we can't decide if the update should be Low or High confidence.
 65 | 
 66 | - **High**: We rank updates as High confidence when the combination of `Age`, `Adoption` and `Passing` tests means there's a very low chance of breaking changes.
 67 | 
 68 | - **Very High**: We only use this for updates which are months old and have either high `Adoption` or have very high test `Passing` scores.
 69 | 
 70 | ## How it works
 71 | 
 72 | Mend's hosted Renovate App has created millions of pull requests on `github.com` to help developers update their dependencies since 2017.
 73 | We bundle and analyze metrics such as package `Age`, package `Adoption`, and `Passing` tests.
 74 | This way we can find packages that have undeclared breaking changes.
 75 | 
 76 | ### Algorithm
 77 | 
 78 | The algorithm that decides on the values is private and is not something we plan to share.
 79 | Similar to a search engine's algorithm, we plan to adjust and improve it over time, for example by using historical data to set a baseline confidence level for packages.
 80 | 
 81 | ### Data
 82 | 
 83 | We plan to expose much more of the data via a companion website, such as number of users of a package and popular repositories which already updated to the version in question.
 84 | 
 85 | ## Explanations
 86 | 
 87 | ### npm package ranking
 88 | 
 89 | npm packages less than three days old can be [unpublished](https://docs.npmjs.com/unpublishing-packages-from-the-registry/), which can result in a service impact if you have updated to a package that gets unpublished.
 90 | This is why npm packages can only get the **High** Confidence badge when they are at least three days old.
 91 | 
 92 | ### Percentage values weighting
 93 | 
 94 | The percentages for `Adoption` and `Passing` are weighted towards Organizations, private repositories, and projects with high test reliability.
 95 | This means those values aren't _raw_ percentages.
 96 | 
 97 | ## Roadmap
 98 | 
 99 | High-level information on planned improvements is available in the [Merge Confidence Roadmap Project](https://github.com/whitesource/merge-confidence/projects/1) on GitHub.
100 | 
101 | ## Questions and feedback
102 | 
103 | You are invited to [create an Issue](https://github.com/whitesource/merge-confidence/issues/new) if you have anything you'd like to discuss.
104 | 


--------------------------------------------------------------------------------
/assets/merge-confidence.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/whitesource/merge-confidence/c3343fd3469c35509f622b0a175dbaa21c7a379b/assets/merge-confidence.png


--------------------------------------------------------------------------------
/beta.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "prBodyDefinitions": {
 3 |     "Age": "{{#if newVersion}}[![age](https://developer.mend.io/api/mc/badges/age/{{datasource}}/{{replace '/' '%2f' depName}}/{{{newVersion}}}?slim=true)](https://docs.renovatebot.com/merge-confidence/){{/if}}",
 4 |     "Adoption": "{{#if newVersion}}[![adoption](https://developer.mend.io/api/mc/badges/adoption/{{datasource}}/{{replace '/' '%2f' depName}}/{{{newVersion}}}?slim=true)](https://docs.renovatebot.com/merge-confidence/){{/if}}",
 5 |     "Passing": "{{#if newVersion}}[![passing](https://developer.mend.io/api/mc/badges/compatibility/{{datasource}}/{{replace '/' '%2f' depName}}/{{{currentVersion}}}/{{{newVersion}}}?slim=true)](https://docs.renovatebot.com/merge-confidence/){{/if}}",
 6 |     "Confidence": "{{#if newVersion}}[![confidence](https://developer.mend.io/api/mc/badges/confidence/{{datasource}}/{{replace '/' '%2f' depName}}/{{{currentVersion}}}/{{{newVersion}}}?slim=true)](https://docs.renovatebot.com/merge-confidence/){{/if}}"
 7 |     },
 8 |   "packageRules": [
 9 |     {
10 |       "datasources": ["go", "maven", "npm", "pypi", "nuget", "rubygems", "packagist"],
11 |       "updateTypes": ["patch", "minor", "major"],
12 |       "prBodyColumns": ["Package", "Change", "Age", "Adoption", "Passing", "Confidence"]
13 |     }
14 |   ]
15 | }
16 | 


--------------------------------------------------------------------------------