Open chris-smith-zocdoc opened 4 months ago
Thank you for filing the issue, it does appear to be caused by the PR you linked.
I'll start investigating and working on a fix now.
I should have this working in #10217. PR is currently set to draft while I explore other scenarios.
@chris-smith-zocdoc this is now shipped, please let us know if it recurs
Thanks @abdulapopoola @brettfo I'm seeing this working again for many cases, but there appears to be some packages where it remains broken and previously worked.
Amazon.CDK.Lib
is affected.
You can see the last time "commits" appeared in a depenedabot pr for this package was 18 days ago
Looking at the nuspec for this package, it is very minimal. I think the particular line that is interesting here is the repository
<repository type="git" url="https://github.com/aws/aws-cdk.git" />
It has a .git
suffix and is lacking the commit
attribute. Successful packages I've looked at include the commit and don't end in .git
Tagging @brettfo
@chris-smith-zocdoc Do you have a log from a recent run that didn't contain commits? I just pulled the latest version of the dependabot-updater-nuget:latest
image and ran a job and it's generating the 3 <details><summary>
entries in the PR body: "Release notes", "Changelog", and "Commits". I'm guessing the PRs from your query are from before I reverted the change that includes the commit info (and that was a straight revert on the file, not a fix.)
Dependabot opened a pull request on my repo and forgot to include changelogs (or even any info on what dependencies changed)
https://github.com/Araxeus/vendorfiles/pull/86
EDIT: I opened a new issue #10435
Dependabot opened a pull request on my repo and forgot to include changelogs (or even any info on what dependencies changed)
@Araxeus Can you open a new issue with these details? The PR you linked is for an NPM dependency and the changes I've been making have only been in the NuGet updater.
Is there an existing issue for this?
Package ecosystem
nuget
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
No response
dependabot.yml content
No response
Updated dependency
No response
What you expected to see, versus what you actually saw
Dependabot used to include the commits/changelog when available, but I think this stopped working ~ 5 days ago (according to this github search https://github.com/search?q=dependabot+label%3A.NET+changelog&type=pullrequests&s=created&o=desc )
Heres an example from a random repo
Worked on Jun 28th https://github.com/bervProject/SimplePasswordManagerService/pull/1374
Broken on July 5th https://github.com/bervProject/SimplePasswordManagerService/pull/1376
The timeline matches with this PR which looks related https://github.com/dependabot/dependabot-core/pull/10025
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response