Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

@dependabot recreate stopped doing anything #10162

Closed
1 task done
martinpitt opened this issue Jul 7, 2024 · 4 comments
Closed
1 task done

@dependabot recreate stopped doing anything #10162

martinpitt opened this issue Jul 7, 2024 · 4 comments
Labels
L: git:submodules Git submodules L: go:modules Golang modules L: javascript T: bug 🐞 Something isn't working

Comments

@martinpitt
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

npm

Package manager version

10.5

Language version

Node.js 20.12

Manifest location and content before the Dependabot update

https://github.com/cockpit-project/cockpit-files/blob/main/package.json

Content is not really relevant for this bug

dependabot.yml content

https://github.com/cockpit-project/cockpit-files/blob/main/.github/dependabot.yml

Updated dependency

esbuild (but not relevant)

What you expected to see, versus what you actually saw

We configured dependabot to update our npm modules once a week. For technical reasons (we put node_modules/ into git), we have to land the resulting set of PRs serially: land the first one, then @dependabot recreate the second one, let node_modules/ get rebuilt and commited, land it, etc.

A few weeks ago this broke: aside from reacting with 👍 to the github comment, like here, it does absolutely nothing any more. Previously it recreated the PR from scratch, i.e. started again from current main branch and re-applied the corresponding npm module update.

@dependabot rebase does not work for our purposes, as a workflow always amends the node_modules/ submodule change to the dependabot commit, so it treats it as "user modified".

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

This happens to all our projects, and all recent dependabot PRs. The manifest or package.json seem to be irrelevant.
@martinpitt martinpitt added the T: bug 🐞 Something isn't working label Jul 7, 2024
@martinpitt martinpitt mentioned this issue Jul 7, 2024
Merged
@martinpitt
Copy link
Author

cockpit-project/cockpit-podman#1786 is another example. If you need more, we can easily give you a dozen more URLs, but this doesn't feel very specific to the project, npm module, or configuration.

@martinpitt
Copy link
Author

cockpit-project/cockpit-ostree#651 is a case where we don't even have an extra node_modules workflow amending the commit. This is a pure, pristine dependabot PR which refuses to recreate.

@martinpitt martinpitt mentioned this issue Jul 7, 2024
Merged
@taylorthurlow
Copy link

Probably same issue as #10118.

@martinpitt
Copy link
Author

Right, #10135 was about recreate and was closed as a duplicate. That's fine.

Closing as duplicate of #10118. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: git:submodules Git submodules L: go:modules Golang modules L: javascript T: bug 🐞 Something isn't working
Projects
Dependabot
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@martinpitt @taylorthurlow