You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
... and only found somewhat similar issues like #10267, which again points to #5288 and #6507.
tl;dr
Dependabot no longer uses configured private repositories for dependency version resolution.
Timeline
First failure recognition: 2024/07/19 ~18:00 UTC
Last success: 2024/07/18 ~18:00 UTC
Noticed that the first failing run is attended with dependabot appearing as a 'usual' GitHub Actions Dependabot updates run named gradle in /. - Update #123456789 #1.
rd-tobias-woerenkaemper
changed the title
Private repositories not used for version checks -> missing updates for internal libs
Private repositories not used for version checks -> missing updates for internal libs/plugins
Jul 23, 2024
Is there an existing issue for this?
... and only found somewhat similar issues like #10267, which again points to #5288 and #6507.
tl;dr
Dependabot no longer uses configured private repositories for dependency version resolution.
Timeline
First failure recognition: 2024/07/19 ~18:00 UTC
Last success: 2024/07/18 ~18:00 UTC
Noticed that the first failing run is attended with dependabot appearing as a 'usual' GitHub Actions
Dependabot updates
run namedgradle in /. - Update #123456789 #1
.Package ecosystem
gradle
Package manager version
8.8
Language version
Java 21
dependabot.yml content
Expected Behavior
Find and update dependencies based on the configured private repositories.
Actual Behavior
Only
https://repo.maven.apache.org:443/maven2
gets checked, which of course returns 404 for private artifacts.The text was updated successfully, but these errors were encountered: