[#2249] Changed Renovate rangeStrategy to bump

[AlexSkrypnyk]

Summary

• Changed Renovate rangeStrategy from update-lockfile to bump

Closes #2249

Problem

With config.bump-after-update set to true in composer.json, PRs created by Renovate were failing because they only updated the lock file, not composer.json.

Why Composer's bump-after-update doesn't help

One might expect that since Renovate runs composer update internally, Composer's bump-after-update: true setting would automatically bump versions in composer.json. However, Renovate controls what gets committed, not just what Composer does during the update process.

The workflow is:

1. Renovate determines what needs updating
2. Based on rangeStrategy, Renovate decides whether to modify composer.json
3. Renovate runs composer update to regenerate the lockfile
4. Renovate commits only the files it intended to change based on rangeStrategy

With rangeStrategy: update-lockfile, even if Composer's bump-after-update modifies composer.json, Renovate discards those changes and only commits composer.lock.

Solution

Changed rangeStrategy to bump, which tells Renovate to:

1. Bump versions in composer.json
2. Run composer update to regenerate the lockfile
3. Commit both composer.json and composer.lock

References

• Renovate rangeStrategy documentation
• Renovate Composer manager documentation
• Dependabot discussion on bump-after-update

Test plan

• Verify next Renovate PR includes changes to both composer.json and composer.lock

Summary by CodeRabbit

• Chores
  • Updated dependency update strategy configuration.

[coderabbitai]

Important

Review skipped

Review was skipped due to path filters

⛔ Files ignored due to path filters (3)

• .vortex/installer/tests/Fixtures/handler_process/_baseline/renovate.json is excluded by !.vortex/installer/tests/Fixtures/**
• .vortex/installer/tests/Fixtures/handler_process/timezone_circleci/renovate.json is excluded by !.vortex/installer/tests/Fixtures/**
• .vortex/installer/tests/Fixtures/handler_process/timezone_gha/renovate.json is excluded by !.vortex/installer/tests/Fixtures/**

CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including **/dist/** will override the default block on the dist directory, by removing the pattern from both the lists.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

• 🔍 Trigger a full review

Walkthrough

The rangeStrategy configuration in renovate.json is updated from "update-lockfile" to "bump" to align with bump-after-update behavior, ensuring dependency version updates are correctly bumped rather than only updating lock files.

Changes

Cohort / File(s)	Summary
Renovate Configuration renovate.json	Changed rangeStrategy from "update-lockfile" to "bump" to correct version bumping behavior when bump-after-update is enabled.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A single knob we twist with care,
From lockfile updates to bumps so fair,
Now Renovate hops with proper grace,
Dependencies move to their rightful place! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title clearly references issue #2249 and accurately describes the main change: modifying Renovate's rangeStrategy configuration from 'update-lockfile' to 'bump'.
Linked Issues check	✅ Passed	The pull request directly addresses issue #2249 by changing rangeStrategy to 'bump', which resolves the core requirement that Renovate must update both composer.json and composer.lock when Composer has bump-after-update enabled.
Out of Scope Changes check	✅ Passed	The pull request contains only a single, focused change to renovate.json's rangeStrategy configuration, which is directly within scope of issue #2249's requirements.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feature/2249-renovate-bump

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:13:19

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:15:40

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:15:51

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 76.22%. Comparing base (7cf277d) to head (d4c4bdc).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2250      +/-   ##
==========================================
- Coverage   76.85%   76.22%   -0.63%     
==========================================
  Files         112      105       -7     
  Lines        5846     5687     -159     
  Branches       44        0      -44     
==========================================
- Hits         4493     4335     -158     
+ Misses       1353     1352       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

Code Coverage Report:
  2026-02-06 06:26:13

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:26:34

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:29:57

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)

[AlexSkrypnyk]

Code Coverage Report:
  2026-02-06 06:29:58

 Summary:
  Classes:  0.00% (0/1)
  Methods:  0.00% (0/2)
  Lines:   93.82% (167/178)