dependabot dependabot-core issues

dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.

https://docs.github.com/en/code-security/dependabot

MIT License

4.73k stars 1.02k forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

Bump System.Threading.Tasks.Dataflow from 6.0.0 to 9.0.0 in /nuget/helpers/lib/NuGetUpdater

#11016 dependabot[bot] opened 2 hours ago
0
Bump Microsoft.NET.Test.Sdk from 17.5.0 to 17.12.0 in /nuget/helpers/lib/NuGetUpdater

#11015 dependabot[bot] opened 2 hours ago
0
Bump DiffPlex from 1.7.1 to 1.7.2 in /nuget/helpers/lib/NuGetUpdater

#11014 dependabot[bot] opened 2 hours ago
0
Python metric collection

#11013 sachin-sandhu opened 5 hours ago
0
NuGet updater should set `VersionOverride` attribute when value in Directory.Packages.props doesn't match

#11012 brettfo opened 6 hours ago
0
Running `yarn install` before running the update checkoer

#11011 thavaahariharangit opened 9 hours ago
0
Exclude failing package updates from grouped PR

#11010 mpro7 opened 11 hours ago
0
Add support for cargo ecosystem metrics collection

#11009 amazimbe closed 10 hours ago
0
dotnet tools update fails if tool is not in csproj file

#11008 batje opened 15 hours ago
0
Bump nuget/helpers/lib/NuGet.Client from `1975634` to `c097388`

#11007 dependabot[bot] opened 1 day ago
0
Bump the prod-dependencies group across 1 directory with 21 updates

#11006 dependabot[bot] opened 1 day ago
0
Bump xunit.runner.visualstudio from 2.4.5 to 2.8.2 in /nuget/helpers/lib/NuGetUpdater

#11005 dependabot[bot] opened 1 day ago
0
Bump Microsoft.Web.Xdt from 3.0.0 to 3.1.0 in /nuget/helpers/lib/NuGetUpdater

#11004 dependabot[bot] closed 2 hours ago
0
Bump Microsoft.Extensions.FileProviders.Abstractions from 6.0.0 to 9.0.0 in /nuget/helpers/lib/NuGetUpdater

#11003 dependabot[bot] closed 3 hours ago
0
Bump Microsoft.CSharp from 4.3.0 to 4.7.0 in /nuget/helpers/lib/NuGetUpdater

#11002 dependabot[bot] closed 5 hours ago
0
Fix: Ensure Compatibility with npm >= 8 to Prevent Lockfile Downgrades

#11001 kbukum1 closed 3 days ago
0
gracefully exit if we can't solve an issue with peer dependencies

#11000 brettfo closed 3 days ago
0
Bump System.Security.Cryptography.ProtectedData from 8.0.0 to 9.0.0 in /nuget/helpers/lib/NuGetUpdater

#10999 dependabot[bot] closed 3 days ago
0
Bump System.ComponentModel.Composition from 7.0.0 to 9.0.0 in /nuget/helpers/lib/NuGetUpdater

#10998 dependabot[bot] closed 3 days ago
0
Bump xunit from 2.4.2 to 2.9.2 in /nuget/helpers/lib/NuGetUpdater

#10997 dependabot[bot] closed 5 hours ago
0
Bump NuGet.Core from 2.14.0-rtm-832 to 2.14.0 in /nuget/helpers/lib/NuGetUpdater

#10996 dependabot[bot] closed 3 days ago
0
project discovery reports its own imported and additional files

#10994 brettfo closed 3 days ago
0
Bump Newtonsoft.Json from 13.0.1 to 13.0.3 in /nuget/helpers/lib/NuGetUpdater

#10993 dependabot[bot] closed 3 days ago
0
Bump Microsoft.CodeAnalysis.CSharp from 4.9.2 to 4.11.0 in /nuget/helpers/lib/NuGetUpdater

#10992 dependabot[bot] closed 3 days ago
0
Bump Microsoft.Extensions.FileSystemGlobbing from 6.0.0 to 9.0.0 in /nuget/helpers/lib/NuGetUpdater

#10991 dependabot[bot] closed 3 days ago
0
Bump Microsoft.VisualStudio.Setup.Configuration.Interop from 3.4.2244 to 3.12.2149 in /nuget/helpers/lib/NuGetUpdater

#10990 dependabot[bot] closed 3 days ago
0
Bump MSBuildPackageVersion from 17.5.0 to 17.12.6 in /nuget/helpers/lib/NuGetUpdater

#10989 dependabot[bot] closed 4 days ago
0
Bump the all-actions group across 1 directory with 3 updates

#10988 dependabot[bot] opened 4 days ago
0
Bump nuget/helpers/lib/NuGet.Client from `1975634` to `88d2ca3`

#10987 dependabot[bot] closed 1 day ago
1
Enables python ecosystem metric collection

#10986 sachin-sandhu closed 1 day ago
1
Set Default `npm` Version to 10 Under enable_corepack_for_npm_and_yarn Feature Flag

#10985 kbukum1 closed 4 days ago
0
Add Dependabot configuration for NuGet and git submodule

#10984 JamieMagee closed 4 days ago
2
Bump the prod-dependencies group across 1 directory with 21 updates

#10983 dependabot[bot] closed 1 day ago
1
Dependabot enforcing engine-strict but with an old npm on Action Runners in last few days

#10982 broksonic21 closed 7 hours ago
22
remove duplicate TFMs when considering updates

#10981 brettfo closed 4 days ago
0
Handle paths with multiple case-insenstive matches on disk.

#10980 sebasgomez238 closed 2 hours ago
0
v0.288.0

#10978 dependabot-core-action-automation[bot] closed 4 days ago
0
Add `npm_and_yarn` package managers' requirements to ecosystem metrics

#10977 kbukum1 opened 5 days ago
0
Remove dedup_branch_names ff and existing_branches array

#10976 Nishnha closed 4 days ago
0
Fix Sorbet Typings for `npm_and_yarn` Ecosystem Package Manager and Helpers

#10975 kbukum1 closed 5 days ago
0
allow `null` when parsing `job.debug` field

#10974 brettfo closed 5 days ago
0
Use private pypi registry without insecure-external-code-execution

#10972 mhaley-tignis opened 5 days ago
1
Groups are all messed up

#10971 lishaduck opened 5 days ago
0
Logger can also be BroadcastLogger

#10970 jurre closed 5 days ago
0
Dependabot creating PR too soon after last PR auto-merges, resulting in on out-of-date with base branch

#10969 devanubis opened 5 days ago
1
Use least restrictive version during update of package.json

#10968 daveisfera opened 5 days ago
0
from version not logged for pip package ecosystem

#10967 daveisfera opened 5 days ago
0
Bump the prod-dependencies group across 1 directory with 20 updates

#10966 dependabot[bot] closed 4 days ago
1
v0.287.0

#10965 dependabot-core-action-automation[bot] closed 6 days ago
0
Don't allow NuGet tasks to call vulnerability APIs

#10964 brettfo opened 6 days ago
1