Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot tries to update more dependencies than declared #9661

Open
1 task done
mauroservienti opened this issue May 3, 2024 · 1 comment
Open
1 task done

Dependabot tries to update more dependencies than declared #9661

mauroservienti opened this issue May 3, 2024 · 1 comment
Labels
L: dotnet:nuget NuGet packages via nuget or dotnet L: git:submodules Git submodules L: github:actions GitHub Actions T: bug 🐞 Something isn't working

Comments

@mauroservienti
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

Nuget

Package manager version

No response

Language version

C#

Manifest location and content before the Dependabot update

As you can see from this dependabot PR, the updated dependencies are way more than what they should be. it should only be updating xunit.runner.visualstudio and not all the other dependencies.

dependabot.yml content

version: 2
updates:
- package-ecosystem: nuget
  directory: "/"
  schedule:
    interval: daily
  open-pull-requests-limit: 10
  target-branch: master
- package-ecosystem: github-actions
  directory: "/"
  schedule:
    interval: daily
  open-pull-requests-limit: 10
  target-branch: master

Updated dependency

xunit.runner.visualstudio from 2.5.7 to 2.8.0, but it's happening for all dependencies

What you expected to see, versus what you actually saw

Only the mentioned dependency is updated, and not all of the dependencies in the project.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response
@mauroservienti mauroservienti added the T: bug 🐞 Something isn't working label May 3, 2024
@github-actions github-actions bot added L: dotnet:nuget NuGet packages via nuget or dotnet L: git:submodules Git submodules L: github:actions GitHub Actions labels May 3, 2024
@mauroservienti
Copy link
Author

It continues to happen, here is a PR raised about 1 hour ago: ServiceComposer/ServiceComposer.AspNetCore#687

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: dotnet:nuget NuGet packages via nuget or dotnet L: git:submodules Git submodules L: github:actions GitHub Actions T: bug 🐞 Something isn't working
Projects
Dependabot
Status: Planned
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mauroservienti