dependabot/dependabot-core

Issues

• Support cloudbuild.yaml files for google cloudbuild

  #11105 opened 14 days ago by nate-selzer
  0

• NuGet updater needs to pull all transitive packages to determine if update possible

  #11103 opened 14 days ago by brettfo
  0

• NuGet updater is missing an opportunity to report dependency update not possible if source has to package in `packages.config` scenario

  #11102 opened 14 days ago by brettfo
  0

• NuGet dependency discovery is missing an opportunity to report `dependency_file_not_found`

  #11101 opened 14 days ago by brettfo
  0

• NuGet with `packages.config` has issues when MSBuild `Pkg` variables are used.

  #11100 opened 14 days ago by brettfo
  0

• NuGet dependency discovery fails with unexpected global.json content

  #11050 opened 15 days ago by brettfo
  0

• [Grouped updates] Incorrect "Skipping <dependency> as it has already been handled by a previous group"

  #11093 opened 16 days ago by edmorley
  0

• dotnet tools update fails if tool is not in csproj file

  #11008 opened 16 days ago by batje
  4

• Using Private Shared GitHub Action Workflows in my Organisation breaks dependabot

  #11018 opened a month ago by baynezy
  4

• NPM Install from a private registry

  #11038 opened 23 days ago by steve-gombos
  2

• `dotnet-sdk` illformed requirement

  #11074 opened 19 days ago by JamieMagee
  0

• Have influence on the NODEJS version the dependabot action is taking place

  #11069 opened 20 days ago by maapteh
  0

• Dependabot keeps creating PRs even when disabled and commented out

  #11057 opened 21 days ago by jsattler
  3

• Version suffix should be respected

  #11068 opened 20 days ago by yeikel
  0

• NuGet dependency discovery is missing an opportunity to report `dependency_file_not_parsable`

  #10954 opened a month ago by brettfo
  0

• Generates empty PRs from pinned commits

  #11020 opened a month ago by lishaduck
  1

• Dependabot is stuck in "checking now"

  #11019 opened a month ago by balakrishna211221
  1

• Can not upgrade docker base image correctly while using os and arch tag

  #10941 opened a month ago by MikyChow
  1

• Go tidy not run in grouped go.mod updates

  #11046 opened 23 days ago by ivanvc
  0

• Dependabot ignores constraints in .yml and package.json, creating PRs for minor version updates

  #11045 opened 23 days ago by lakshmimsft
  0

• Lock file update fails if project is windows specific

  #11036 opened 24 days ago by na1307
  1

• Dependabot is failing to authenticate against a private Hex Repisotiry

  #11031 opened a month ago by adamtharani
  0

• @Dependabot API ignore major version seemingly not working

  #10923 opened a month ago by smcvb
  5

• Dependabot cannot update package because of git_dependency_reference_not_found

  #11022 opened a month ago by paivin-dn
  0

• NuGet updater should set `VersionOverride` attribute when value in Directory.Packages.props doesn't match

  #11012 opened a month ago by brettfo
  0

• Dependabot enforcing engine-strict but with an old npm on Action Runners in last few days

  #10982 opened a month ago by broksonic21
  22

• Exclude failing package updates from grouped PR

  #11010 opened a month ago by mpro7
  0

• Use private pypi registry without insecure-external-code-execution

  #10972 opened a month ago by mhaley-tignis
  1

• Dependabot creating PR too soon after last PR auto-merges, resulting in on out-of-date with base branch

  #10969 opened a month ago by devanubis
  1

• Groups are all messed up

  #10971 opened a month ago by lishaduck
  0

• Use least restrictive version during update of package.json

  #10968 opened a month ago by daveisfera
  0

• from version not logged for pip package ecosystem

  #10967 opened a month ago by daveisfera
  0

• Difference in casing in `.sln` file can cause project not to be discovered

  #10957 opened a month ago by brettfo
  0

• Don't allow NuGet tasks to call vulnerability APIs

  #10964 opened a month ago by brettfo
  1

• Dependabot suggests version bump that conflicts with version spec in pyproject.toml

  #10962 opened a month ago by DonDebonair
  0

• [berry] when `.yarnrc.yml` have plugin, fail as `dependency_file_not_resolvable`

  #10961 opened a month ago by ncaq
  0

• Dependabot fails with unknown error

  #10945 opened a month ago by akurtakov
  0

• NuGet updater needs to sideline `Directory.Build.rsp` files with environment variables

  #10943 opened a month ago by brettfo
  0

• Certificate in GitHub repo for fastlane match can't be loaded

  #10942 opened a month ago by daveisfera
  0

• Dependabot group for patterns "rack" and "rack-*" including unexpected gems

  #10940 opened a month ago by bjeanes
  0

• NoMethodError: undefined method `to_sym' for an instance of Hash

  #10935 opened a month ago by sentry-io
  1

• Dependabot doesn't use pre-install hook

  #10927 opened a month ago by VincentLanglet
  0

• Dependabot updates the all images in a yaml spec that have the same tag (despite for only one the new tag exists)

  #10930 opened a month ago by chicco785
  0

• dependabot version update is failing with yarn

  #10928 opened a month ago by MDSLKTR
  0

• dependabot not picking up github-actions updates using semver

  #10924 opened a month ago by v1v
  1

• Update version and comment for SHA-pinned Terraform modules

  #10926 opened a month ago by kristian-lesko
  0

• Bump Golang group deps with replace directive

  #10925 opened a month ago by mcbenjemaa
  0

• cargo git dependencies with git tag are not updated correctly

  #10913 opened 2 months ago by Itsusinn
  1

• Pull request title and body do not mention all the updated versions

  #10901 opened 2 months ago by yeikel
  0

• Add HTTP support (for private, self-hosted project management systems like gitlab)

  #10898 opened 2 months ago by ITaluone
  0