How to exclude major upgrade for specific dependencies when using "group-all" merge requests in Renovate?

Question

I would like to prevent Renovate from making major upgrades for some dependencies but still allow minor and patch upgrade for those dependencies. Using ignoreDeps excludes them completely which is not optimal. I also need to have all suggested upgrades of each run in one Gitlab merge request, so using separate matchUpdateTypes groups does not suit my use-case.

Is there a way to achieve what I am looking for?

Concrete example in a project using Angular 14, that Renovate should not try to upgrade to 15 but still give me the latest 14.x upgrades:

"@angular/router": "14.2.7",   // what I have now
"@angular/router": "14.2.10",  // what should be suggested
"@angular/router": "15.0.0",   // what should be avoided

My general package rules across all repos looks like following:

"packageRules": [
  {
    "groupName": "all dependencies",
    "groupSlug": "all",
    "matchPackagePatterns": [
      "*"
    ],
    "matchUpdateTypes": [
      "major",
      "minor",
      "patch"
    ]
  }
],

And I specify the specific dependencies to ignore in the renovate.json file of each repo like such:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
  "ignoreDeps": [
    "@angular/router"
  ]
}

But this prevents all updates. I've tried playing around with the schema, this did just ignore the config altogether:

// BROKEN
{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json"
  "major": {
    "ignoreDeps": [
      "@angular/router"
    ]
  }
}

And overriding the packageRules at repo level was also unsuccessful.

Answer 1

You could try something like this:

"packageRules": [
...
  {
    "matchPackageNames": ["@angular/router"],
    "allowedVersions": "<15.0.0"
  },
...
]