search

dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License
4.74k stars 1.03k forks source link

Dependabot Update Error #10744

Open hitensam opened 1 month ago

hitensam commented 1 month ago

Is there an existing issue for this?

Package ecosystem

nuget

Package manager version

No response

Language version

net8.0

Manifest location and content before the Dependabot update

No response

dependabot.yml content

Updated dependency

No response

What you expected to see, versus what you actually saw

+--------------------------------------------------------------------------------------------------+ | Changes to Dependabot Pull Requests | +---------+----------------------------------------------------------------------------------------+ | created | Microsoft.Azure.Functions.Worker.Extensions.Timer ( from 4.1.0 to 4.3.1 ) | | created | Microsoft.Azure.Functions.Worker.Sdk ( from 1.17.0 to 1.18.0 ) | | created | Microsoft.Azure.Functions.Worker.Extensions.Http ( from 3.1.0 to 3.2.0 ) | | created | Azure.Storage.Blobs ( from 12.21.2 to 12.22.1 ) | | created | Microsoft.Azure.Functions.Worker.ApplicationInsights ( from 1.2.0 to 1.4.0 ) | | created | Microsoft.Azure.Functions.Worker ( from 1.21.0 to 1.23.0 ) | | created | Microsoft.Azure.Functions.Worker.Extensions.ServiceBus ( from 5.16.0 to 5.22.0 ) | | created | Microsoft.Azure.Functions.Worker.Extensions.Storage.Blobs ( from 6.3.0 to 6.6.0 ) | | created | ClosedXML ( from 0.102.3 to 0.104.1 ), DocumentFormat.OpenXml ( from 2.16.0 to 3.0.1 ) | +---------+----------------------------------------------------------------------------------------+ | Dependencies failed to update | +------------------------+---------------------+ | DocumentFormat.OpenXml | update_not_possible | +------------------------+---------------------+ Failure running container [container-id]

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

brettfo commented 1 month ago

Could you provide some more information about what you're expecting to see? Along with that, do you have a full log you could share?

hitensam commented 1 month ago

I was not expecting to see something like this:

image

I think there must be some dependencies among the modules.

Logs: 0_Dependabot.txt

baynezy commented 1 month ago

@hitensam are you using <RestorePackagesWithLockFile>true</RestorePackagesWithLockFile> to create package.lock.json files?

hitensam commented 1 month ago

@baynezy Thanks for your response!!

<RestorePackagesWithLockFile>true</RestorePackagesWithLockFile> is no where specified in my .csproj.

brettfo commented 1 month ago

Thank you for attaching the log. Line 2904 reports the following:

Package [DocumentFormat.OpenXml] could not be updated in [/home/dependabot/dependabot-updater/repo/<Project-Name>/<Project-Name>/Utility/Utility.csproj] because it would cause a dependency conflict.

The issue is commonly with transitive dependencies and/or shared dependencies with other packages that would need to be updated in parallel. We've been experimenting with how to properly solve these, but there's still more progress to be made.

hitensam commented 1 month ago

@brettfo Thanks for your response!!