search

ahmadnassri / action-dependabot-auto-merge

Automatically merge Dependabot PRs when version comparison is within range
MIT License
342 stars 48 forks source link

devDependencies are recognized as production #102

Open patricksturm opened 3 years ago

patricksturm commented 3 years ago

Our devDependencies are NOT recognized as dependency type: development.

Extract from package.json:

  "devDependencies": {
    "@testing-library/react-hooks": "^5.1.3",
    "serve": "^11.3.2"
  }

And output from the GithubAction:

loaded merge config: 
- match:
    dependency_type: development
    update_type: all

- match:
    dependency_type: production
    update_type: security:minor

- match:
    dependency_type: production
    update_type: semver:minor
title: "Bump @testing-library/react-hooks from 5.1.3 to 7.0.2 in /frontend"
depName: @testing-library/react-hooks
from: 5.1.3
to: 7.0.2
dependency type: production
security critical: false
config: production:security:minor
config: production:semver:minor
manual merging required

and

loaded merge config: 
- match:
    dependency_type: development
    update_type: all

- match:
    dependency_type: production
    update_type: security:minor

- match:
    dependency_type: production
    update_type: semver:minor
title: "Bump serve from 11.3.2 to 12.0.1 in /frontend"
depName: serve
from: 11.3.2
to: 12.0.1
dependency type: production
security critical: false
config: production:security:minor
config: production:semver:minor
manual merging required

Any suggestions?

patricksturm commented 3 years ago

I found the problem. It's because the package.json is not directly in the root directory. It is in a subdirectory. Will create a PR.

Dgame commented 2 years ago

The same seems to be true for php / composer. Although phpunit is declared (as it should be) under require-dev, it is identified as a production type.

stebl commented 1 year ago

I ran into this as well. Is there a way to specify a working dir?

julianajuliano commented 1 year ago

Same is happening for ruby dependencies