Update docs on CI/CD (#488)

- Update owner of Netlify for this repo
- Add docs for Renovate

Author: yechs

docs/infra/CI-CD.md

@@ -44,7 +44,7 @@ CI/CD 是 [Continuous Integration](https://en.wikipedia.org/wiki/Continuous_inte
 
 - 是一个自动编译并搭建静态网站预览的工具。配置后，Netlify 会在 PR 下添加一条包含预览网站地址的留言，使审核者能够预览这个 PR 引入的改变
 - 由于免费版的 Netlify 只允许每个项目拥有一个管理员，需要更改项目配置的请联系
-  - [Computerization-website](https://github.com/Computerization/computerization.github.io) 的管理员是 [@yechs](https://github.com/yechs)
+  - [computerization.io （本网站）](https://github.com/Computerization/computerization.github.io) 的所有者是 [@computerization-bot](https://github.com/computerization-bot) （由 [@yechs](https://github.com/yechs) 管理）
   - [Enspire](https://github.com/Computerization/Enspire) 的管理员是 [@Josh-Cena](https://github.com/Josh-Cena)
 
 ### LGTM {#lgtm}
@@ -58,10 +58,17 @@ CI/CD 是 [Continuous Integration](https://en.wikipedia.org/wiki/Continuous_inte
 - 对于仍处于未完成状态的 Pull Request，可以在标题中标注 `[WIP]`，WIP 会避免这些 PR 被合并进入主分支。
 - **注**：现在 GitHub 自己的 draft PR 功能已经非常完善了。对于仍然处于 WIP 状态的 PR，应当考虑[标注其为 draft PR](https://github.blog/changelog/2020-04-08-convert-pull-request-to-draft/)。
 
-### Dependabot {#dependabot}
+### ~~Dependabot~~ {#dependabot}
 
-- 此外，我们还通过 dependabot 来自动更新依赖
+- ~~此外，我们还通过 dependabot 来自动更新依赖~~ 我们目前已经抛弃 Dependabot 转向使用 Renovate （见 [computerization.github.io#381](https://github.com/Computerization/computerization.github.io/pull/381)）
+  - 但集成在 GitHub 中的 Dependabot 仍可能自动开 PR 更新已知漏洞的依赖项目
 - 它是一个被 GitHub 收购了的工具，会在你的依赖项目出现新版本之后开 PR 来更新这些依赖项目的版本
   - **注**：因为 dependabot 往往会提交大量的 PR，因此也会给项目的提交记录带来大量的噪音
 - Dependabot 还被用于依赖项目中漏洞的发现与自动修复
 - 它的配置文件通常位于 `.github/dependabot.yml`。可以在项目的 Insights 页面中的 Dependency graph 查看 dependabot 的当前状态。如果你是项目管理员的话，在项目的 Security 页面中也能看到 dependabot 的安全漏洞警告。
+
+### Renovate {#renovate}
+
+- Renovate 是一个类似 Dependabot 的工具，用于自动更新依赖项目
+- 但 Renovate 支持 [依赖包分组](https://docs.renovatebot.com/noise-reduction/#package-grouping)，可以在一个 PR 中同时更新多个依赖，以减少项目 PR 的噪音。
+- 它的配置文件位于 `renovate.json` 或是 `.github/renovate.json`。此外，也可以配置专门的 issue 作为 dependency dashboard （如 [computerization.github.io#422](https://github.com/Computerization/computerization.github.io/issues/422)） 以追踪所有依赖项目的版本状态

i18n/en/docusaurus-plugin-content-docs/current/infra/CI-CD.md

@@ -44,7 +44,7 @@ In a typical web project, each of your PR will be examined by the following tool
 
 - It is a tool used to automatically build and preview static websites. With some configuration, it will comment the preview address under PRs, so that reviewers can preview the changes introduced by the PR.
 - Since the free plan of Netlify allows only one member in each organization, you should contact these people if you want to change the configurations
-  - [Computerization-website](https://github.com/Computerization/computerization.github.io) ==> [@yechs](https://github.com/yechs)
+  - [computerization.io (this website)](https://github.com/Computerization/computerization.github.io) ==> [@computerization-bot](https://github.com/computerization-bot) (managed by [@yechs](https://github.com/yechs))
   - [Enspire](https://github.com/Computerization/Enspire) ==> [@Josh-Cena](https://github.com/Josh-Cena)
 
 ### LGTM
@@ -58,10 +58,17 @@ In a typical web project, each of your PR will be examined by the following tool
 - For unfinished Pull Requests, one can add `[WIP]` in the title, and WIP will prevent these PRs from being merged.
 - **Note**: Now that GitHub's built-in draft PR functionality is much more usable, you should consider [marking the PR as draft](https://github.blog/changelog/2020-04-08-convert-pull-request-to-draft/) instead.
 
-### Dependabot
+### ~~Dependabot~~
 
-- In addition, we use dependabot to automatically update the dependencies.
+- ~~In addition, we use dependabot to automatically update the dependencies.~~ We have now switched from Dependabot to Renovate (See [computerization.github.io#381](https://github.com/Computerization/computerization.github.io/pull/381))
+  - However, GitHub-integrated Dependabot may still open PRs to upgrade dependencies with known vulnerabilities.
 - It is a tool now acquired by (and integrated into) GitHub. It'll open PRs to update your project dependencies when they are outdated
   - **Note**：Since dependabot usually opens large amounts of PRs, it'll also bring huge amounts of noise to the project's commit history
 - It is also used to automatically detect and fix vulnerabilities introduced by dependencies.
 - The configuration file is usually located in `.github/dependabot.yml`. You can visit the dependency graph in repo's "Insights" tab to check the current status of dependabot. If you are the repo administrator, you can also view dependaboit vulnerability alert under the repo's "Security" tab.
+
+### Renovate
+
+- Renovate is a tool similar to Dependabot that automatically updates the dependencies
+- with the addition of [package grouping](https://docs.renovatebot.com/noise-reduction/#package-grouping), that allows it to update multiple dependency packages in one PR to reduce the noise in project PRs.
+- Its configuration file iis located at `renovate.json` or `.github/renovate.json`. In addition, it can be configured to open an issue as dependency dashboard (e.g. [computerization.github.io#422](https://github.com/Computerization/computerization.github.io/issues/422)) to track the status of all dependency upgrades.