Dependabot generates broken PRs for NuGet when lockfiles, private GitHub feeds and package source mappings are used

[skolima]

Is there an existing issue for this?

• [X] I have searched the existing issues

Package ecosystem

NuGet

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

Directory.Build.targets:

<Project>
    <PropertyGroup>
        <TreatWarningsAsErrors>true</TreatWarningsAsErrors>
    </PropertyGroup> 

    <!-- GitHub Actions NuGet cache recommendation -->
    <PropertyGroup>
        <DisableImplicitNuGetFallbackFolder>true</DisableImplicitNuGetFallbackFolder>
        <RestorePackagesWithLockFile>true</RestorePackagesWithLockFile>
    </PropertyGroup> 

    <ItemGroup>
        <PackageReference Include="JetBrains.Annotations" PrivateAssets="All"/>
    </ItemGroup>
</Project>

Directory.Packages.props:

<Project>
  <PropertyGroup>
    <ManagePackageVersionsCentrally>true</ManagePackageVersionsCentrally>
    <CentralPackageTransitivePinningEnabled>true</CentralPackageTransitivePinningEnabled>
  </PropertyGroup>

  <ItemGroup>
    <PackageVersion Include="ORGANIZATION.PrivatePackage" Version="1.4.0" />
    <PackageVersion Include="JetBrains.Annotations" Version="2024.2.0" />
  </ItemGroup>
</Project>

TestProject.csproj:

<Project Sdk="Microsoft.NET.Sdk.Worker">
    <PropertyGroup>
        <TargetFramework>net8.0</TargetFramework>
    </PropertyGroup> 

    <ItemGroup>
      <PackageReference Include="ORGANIZATION.PrivatePackage" />
    </ItemGroup>
</Project>

packages.lock.json is required, can be auto-generated - I'm omitting it here for brevity.

Nuget.Config:

<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <packageSources>
    <add key="github" value="https://nuget.pkg.github.com/ORGANIZATION/index.json" />
  </packageSources>
  <packageSourceMapping>
    <packageSource key="nuget.org">
      <package pattern="*" />
    </packageSource>
    <packageSource key="github">
      <package pattern="ORGANIZATION.*" />
    </packageSource>
  </packageSourceMapping>
</configuration>

dependabot.yml content

version: 2
registries:
  organization-github-nuget:
    type: nuget-feed
    url: https://nuget.pkg.github.com/ORGANIZATION/index.json
    username: dependabot
    # Currently (October 2024) Dependabot still can't use GITHUB_TOKEN here
    # https://github.com/dependabot/dependabot-core/issues/8411
    # https://github.com/dependabot/dependabot-core/issues/3360
    password: ${{ secrets.PACKAGE_TOKEN }}
updates:
  - package-ecosystem: "nuget"
    registries: "*"
    directory: "/"
    schedule:
      interval: "weekly"

Updated dependency

JetBrains.Annotations and ORGANIZATION.PrivatePackage

What you expected to see, versus what you actually saw

Note: there's 2 issues here.

• instead of updating the private dependency which Dependabot can authorize to fetch using secrets.PACKAGE_TOKEN, Dependabot generates no change to the .csproj file but instead wipes the contents of packages.lock.json
• Dependabot fails to fetch dependencies from nuget.org with the config - I can not work out from the existing documentation how to set this up, help (and update to the docs) would be much appreciated. The problem is that there are 2 nuget packageSourceMapping defined, and while I can configure authentication for the first one (the custom one), I can not work out how to get Dependabot to not ignore the default nuget.org source which other dotnet tools use normally for this project.

Native package manager behavior

Packages update correctly, with ORGANIZATION.PrivatePackage being taken from the authenticated (either - on developer machine - with user credentials; or - in GitHub actions builds - using native GITHUB_TOKEN) and with public package being taken from nuget.org

Images of the diff or a link to the PR, issue, or logs

logs:

``` Logs: 2024-10-28T15:57:58.3334382Z ##[group]Run github/dependabot-action@main 2024-10-28T15:57:58.3335234Z env: 2024-10-28T15:57:58.3335634Z DEPENDABOT_DISABLE_CLEANUP: 1 2024-10-28T15:57:58.3336180Z DEPENDABOT_ENABLE_CONNECTIVITY_CHECK: 0 2024-10-28T15:57:58.3337061Z GITHUB_TOKEN: *** 2024-10-28T15:57:58.3337944Z GITHUB_DEPENDABOT_JOB_TOKEN: *** 2024-10-28T15:57:58.3338909Z GITHUB_DEPENDABOT_CRED_TOKEN: *** 2024-10-28T15:57:58.3339514Z ##[endgroup] 2024-10-28T15:57:58.6349667Z 🤖 ~ starting update ~ 2024-10-28T15:57:58.6393395Z Fetching job details 2024-10-28T15:57:59.2787416Z ##[group]Pulling updater images 2024-10-28T15:57:59.2789846Z Pulling image ghcr.io/dependabot/dependabot-updater-nuget:78d42a4932e7c11d239271db7b2d345aec5253f8... 2024-10-28T15:58:44.9477073Z Pulled image ghcr.io/dependabot/dependabot-updater-nuget:78d42a4932e7c11d239271db7b2d345aec5253f8 2024-10-28T15:58:44.9491722Z Pulling image ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy:v2.0.20241004183849@sha256:5e895b5edfaba72e99d0a19b43f386b18b65fc08a2d43af5aedd6360cda56842... 2024-10-28T15:58:45.5965992Z Pulled image ghcr.io/github/dependabot-update-job-proxy/dependabot-update-job-proxy:v2.0.20241004183849@sha256:5e895b5edfaba72e99d0a19b43f386b18b65fc08a2d43af5aedd6360cda56842 2024-10-28T15:58:45.5970237Z ##[endgroup] 2024-10-28T15:58:45.5971334Z Starting update process 2024-10-28T15:58:45.9405605Z Created proxy container: 19f72d83dc1a6d2b9d11292a9aa121a98814fbc220027a0fb0c0f1375c36fde0 2024-10-28T15:58:46.3078529Z Created container: 07a59edb31e1c547d850142ce0b3c2511906b88ae318750470a477fc0af26b6d 2024-10-28T15:58:46.3185042Z proxy | 2024/10/28 15:58:46 proxy starting, commit: 4ff727a3a0f3cf493d1700d4ceec3c6f880b430e 2024-10-28T15:58:46.3206966Z proxy | 2024/10/28 15:58:46 fetching service index for nuget feed https://nuget.pkg.github.com/ORGANIZATION/index.json 2024-10-28T15:58:46.3293033Z proxy | 2024/10/28 15:58:46 * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:46.4473204Z proxy | 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION/download 2024-10-28T15:58:46.4475818Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION/query 2024-10-28T15:58:46.4478199Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION/query 2024-10-28T15:58:46.4480827Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION/query 2024-10-28T15:58:46.4482878Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION 2024-10-28T15:58:46.4484873Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION 2024-10-28T15:58:46.4509228Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION 2024-10-28T15:58:46.4511578Z 2024/10/28 15:58:46 added url to authentication list: https://nuget.pkg.github.com/ORGANIZATION 2024-10-28T15:58:46.4512997Z 2024/10/28 15:58:46 Listening (:1080) 2024-10-28T15:58:46.5488090Z updater | Updating certificates in /etc/ssl/certs... 2024-10-28T15:58:47.5215503Z updater | rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL 2024-10-28T15:58:47.5290990Z updater | 1 added, 0 removed; done. 2024-10-28T15:58:47.5302674Z updater | Running hooks in /etc/ca-certificates/update.d... 2024-10-28T15:58:47.5367345Z updater | done. 2024-10-28T15:58:47.5770775Z updater | NuGet native updater experiment value: null 2024-10-28T15:58:50.2294073Z updater | 2024/10/28 15:58:50 INFO Starting job processing 2024-10-28T15:58:50.2307444Z updater | 2024/10/28 15:58:50 INFO Job definition: {"job":{"allowed-updates":[{"dependency-type":"direct","update-type":"all"}],"commit-message-options":{"prefix":null,"prefix-development":null,"include-scope":null},"credentials-metadata":[{"type":"nuget_feed","url":https://nuget.pkg.github.com/ORGANIZATION/index.json},{"type":"git_source","host":"github.com"}],"debug":null,"dependencies":null,"dependency-groups":[],"dependency-group-to-refresh":null,"existing-pull-requests":[],"existing-group-pull-requests":[],"experiments":{"record-ecosystem-versions":true,"record-update-job-unknown-error":true,"proxy-cached":true,"move-job-token":true,"dependency-change-validation":true,"composer-v1-deprecation-warning":true,"version-lowest-prerelease-suffix":true,"lead-security-dependency":true},"ignore-conditions":[],"lockfile-only":false,"max-updater-run-time":2700,"package-manager":"nuget","proxy-log-response-body-on-auth-failure":true,"requirements-update-strategy":null,"reject-external-code":false,"security-advisories":[],"security-updates-only":false,"source":{"provider":"github","repo":"20230029999_EYGS/dependabot-private-nuget","branch":null,"directory":"/.","api-endpoint":https://api.github.com/,"hostname":"github.com"},"updating-a-pull-request":false,"update-subdependencies":false,"vendor-dependencies":false,"repo-private":true}} 2024-10-28T15:58:50.5913181Z proxy | 2024/10/28 15:58:50 [002] GET https://github.com:443/20230029999_EYGS/dependabot-private-nuget/info/refs?service=git-upload-pack 2024-10-28T15:58:50.5919790Z proxy | 2024/10/28 15:58:50 [002] * authenticating git server request (host: github.com) 2024-10-28T15:58:50.7044490Z proxy | 2024/10/28 15:58:50 [002] 200 https://github.com:443/20230029999_EYGS/dependabot-private-nuget/info/refs?service=git-upload-pack 2024-10-28T15:58:50.7388016Z proxy | 2024/10/28 15:58:50 [004] POST https://github.com:443/20230029999_EYGS/dependabot-private-nuget/git-upload-pack 2024-10-28T15:58:50.7389898Z proxy | 2024/10/28 15:58:50 [004] * authenticating git server request (host: github.com) 2024-10-28T15:58:50.8242148Z proxy | 2024/10/28 15:58:50 [004] 200 https://github.com:443/20230029999_EYGS/dependabot-private-nuget/git-upload-pack 2024-10-28T15:58:50.8587405Z proxy | 2024/10/28 15:58:50 [006] POST https://github.com:443/20230029999_EYGS/dependabot-private-nuget/git-upload-pack 2024-10-28T15:58:50.8593430Z proxy | 2024/10/28 15:58:50 [006] * authenticating git server request (host: github.com) 2024-10-28T15:58:50.9587510Z proxy | 2024/10/28 15:58:50 [006] 200 https://github.com:443/20230029999_EYGS/dependabot-private-nuget/git-upload-pack 2024-10-28T15:58:51.1286684Z updater | 2024/10/28 15:58:51 INFO Base commit SHA: b3f6b674faa6661bc30a979724c55e7f85b6180a 2024-10-28T15:58:51.1295223Z updater | 2024/10/28 15:58:51 INFO Finished job processing 2024-10-28T15:58:51.1725778Z updater | NuGet native updater experiment value: null 2024-10-28T15:58:53.7408510Z updater | 2024/10/28 15:58:53 INFO Starting job processing 2024-10-28T15:58:53.8013900Z updater | running NuGet discovery: 2024-10-28T15:58:53.8016582Z /opt/nuget/NuGetUpdater/NuGetUpdater.Cli discover --repo-root /home/dependabot/dependabot-updater/repo --workspace / --output /tmp/.dependabot/discovery.1.json 2024-10-28T15:58:55.1353590Z proxy | 2024/10/28 15:58:55 [008] GET https://nuget.pkg.github.com:443/ORGANIZATION/index.json 2024-10-28T15:58:55.1355257Z proxy | 2024/10/28 15:58:55 [008] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:55.1713190Z proxy | 2024/10/28 15:58:55 [008] 200 https://nuget.pkg.github.com:443/ORGANIZATION/index.json 2024-10-28T15:58:55.2800184Z proxy | 2024/10/28 15:58:55 [024] GET https://nuget.pkg.github.com:443/ORGANIZATION/microsoft.net.sdk.maui.manifest-9.0.100-rc.1/index.json 2024-10-28T15:58:55.2807621Z proxy | 2024/10/28 15:58:55 [024] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:55.2961817Z proxy | 2024/10/28 15:58:55 [025] GET https://nuget.pkg.github.com:443/ORGANIZATION/microsoft.net.workload.emscripten.current.manifest-9.0.100-rc.1/index.json 2024-10-28T15:58:55.2969409Z proxy | 2024/10/28 15:58:55 [025] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:55.2979488Z proxy | 2024/10/28 15:58:55 [024] 404 https://nuget.pkg.github.com:443/ORGANIZATION/microsoft.net.sdk.maui.manifest-9.0.100-rc.1/index.json ------ trimmed a lot of retries ---- 2024-10-28T15:58:58.0713206Z updater | Discovering build files in workspace [/home/dependabot/dependabot-updater/repo]. 2024-10-28T15:58:58.0714576Z No dotnet-tools.json file found. 2024-10-28T15:58:58.0715535Z No global.json file found. 2024-10-28T15:58:58.0716234Z Discovering projects beneath [.]. 2024-10-28T15:58:58.0717079Z No packages.config file found. 2024-10-28T15:58:58.0718627Z dotnet build in GetAllPackageDependenciesAsync failed. STDOUT: Determining projects to restore... 2024-10-28T15:58:58.0723428Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'JetBrains.Annotations (= 2024.2.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0728909Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0733246Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration.Binder (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0737758Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0742227Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Messaging.EventHubs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0886872Z Failed to restore /tmp/package-dependency-resolution_sQwvxQ/Project.csproj (in 2.03 sec). 2024-10-28T15:58:58.0887775Z 2024-10-28T15:58:58.0888010Z Build FAILED. 2024-10-28T15:58:58.0888417Z 2024-10-28T15:58:58.0890299Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'JetBrains.Annotations (= 2024.2.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0894015Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0897979Z /tmp/package-dependency-resolution_sQwvxQ/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration.Binder (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:58:58.0965519Z 0 Warning(s) 2024-10-28T15:58:58.0966134Z 18 Error(s) 2024-10-28T15:58:58.0966576Z 2024-10-28T15:58:58.0966807Z Time Elapsed 00:00:03.28 2024-10-28T15:58:58.0967548Z 2024-10-28T15:58:58.0967773Z STDERR: 2024-10-28T15:58:58.0968131Z 2024-10-28T15:58:58.0968464Z Discovered [Directory.Packages.props] file. 2024-10-28T15:58:58.0969400Z Discovery complete. 2024-10-28T15:58:58.0970438Z updater | 2024/10/28 15:58:58 INFO Discovery JSON content: { 2024-10-28T15:58:58.0971550Z "Path": "", 2024-10-28T15:58:58.0972142Z "IsSuccess": true, 2024-10-28T15:58:58.0972680Z "Projects": [ 2024-10-28T15:58:58.0973317Z { 2024-10-28T15:58:58.0973925Z "FilePath": "Directory.Build.targets", 2024-10-28T15:58:58.0974698Z "Dependencies": [ 2024-10-28T15:58:58.0975420Z { 2024-10-28T15:58:58.0975996Z "Name": "JetBrains.Annotations", 2024-10-28T15:58:58.0976943Z "Version": "2024.2.0", 2024-10-28T15:58:58.0977724Z "Type": "PackageReference", 2024-10-28T15:58:58.0978468Z "EvaluationResult": { 2024-10-28T15:58:58.0979311Z "ResultType": "Success", 2024-10-28T15:58:58.0980155Z "OriginalValue": "2024.2.0", 2024-10-28T15:58:58.0980912Z "EvaluatedValue": "2024.2.0", 2024-10-28T15:58:58.0981841Z "RootPropertyName": null, 2024-10-28T15:58:58.0982572Z "ErrorMessage": null 2024-10-28T15:58:58.0983346Z }, 2024-10-28T15:58:58.0983919Z "TargetFrameworks": null, 2024-10-28T15:58:58.0984638Z "IsDevDependency": false, 2024-10-28T15:58:58.0985466Z "IsDirect": true, 2024-10-28T15:58:58.0986214Z "IsTransitive": false, 2024-10-28T15:58:58.0987169Z "IsOverride": false, 2024-10-28T15:58:58.0987933Z "IsUpdate": false, 2024-10-28T15:58:58.0988590Z "InfoUrl": null 2024-10-28T15:58:58.0989317Z } 2024-10-28T15:58:58.0989844Z ], 2024-10-28T15:58:58.0990842Z "IsSuccess": true, 2024-10-28T15:58:58.0991551Z "Properties": [], 2024-10-28T15:58:58.0992388Z "TargetFrameworks": [], 2024-10-28T15:58:58.0993088Z "ReferencedProjectPaths": [] 2024-10-28T15:58:58.0993888Z }, 2024-10-28T15:58:58.0994438Z { 2024-10-28T15:58:58.0995123Z "FilePath": "ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj", 2024-10-28T15:58:58.0996087Z "Dependencies": [ 2024-10-28T15:58:58.0996713Z { 2024-10-28T15:58:58.0997629Z "Name": "ORGANIZATION.PrivatePackage", 2024-10-28T15:58:58.0998384Z "Version": "1.4.0", 2024-10-28T15:58:58.0999067Z "Type": "PackageReference", 2024-10-28T15:58:58.0999886Z "EvaluationResult": { 2024-10-28T15:58:58.1000600Z "ResultType": "Success", 2024-10-28T15:58:58.1001327Z "OriginalValue": "1.4.0", 2024-10-28T15:58:58.1002173Z "EvaluatedValue": "1.4.0", 2024-10-28T15:58:58.1002917Z "RootPropertyName": null, 2024-10-28T15:58:58.1003800Z "ErrorMessage": null 2024-10-28T15:58:58.1004526Z }, 2024-10-28T15:58:58.1005103Z "TargetFrameworks": [ 2024-10-28T15:58:58.1005896Z "net8.0" 2024-10-28T15:58:58.1006472Z ], 2024-10-28T15:58:58.1007058Z "IsDevDependency": false, 2024-10-28T15:58:58.1007885Z "IsDirect": true, 2024-10-28T15:58:58.1008540Z "IsTransitive": false, 2024-10-28T15:58:58.1009354Z "IsOverride": false, 2024-10-28T15:58:58.1010036Z "IsUpdate": false, 2024-10-28T15:58:58.1010632Z "InfoUrl": null 2024-10-28T15:58:58.1011332Z }, 2024-10-28T15:58:58.1011844Z { 2024-10-28T15:58:58.1012438Z "Name": "JetBrains.Annotations", 2024-10-28T15:58:58.1013281Z "Version": "2024.2.0", 2024-10-28T15:58:58.1013979Z "Type": "PackageReference", 2024-10-28T15:58:58.1014744Z "EvaluationResult": { 2024-10-28T15:58:58.1015538Z "ResultType": "Success", 2024-10-28T15:58:58.1016324Z "OriginalValue": "2024.2.0", 2024-10-28T15:58:58.1017183Z "EvaluatedValue": "2024.2.0", 2024-10-28T15:58:58.1017965Z "RootPropertyName": null, 2024-10-28T15:58:58.1018750Z "ErrorMessage": null 2024-10-28T15:58:58.1019785Z }, 2024-10-28T15:58:58.1020378Z "TargetFrameworks": [ 2024-10-28T15:58:58.1021046Z "net8.0" 2024-10-28T15:58:58.1021699Z ], 2024-10-28T15:58:58.1022288Z "IsDevDependency": false, 2024-10-28T15:58:58.1023130Z "IsDirect": false, 2024-10-28T15:58:58.1023855Z "IsTransitive": false, 2024-10-28T15:58:58.1024580Z "IsOverride": false, 2024-10-28T15:58:58.1025398Z "IsUpdate": false, 2024-10-28T15:58:58.1026124Z "InfoUrl": null 2024-10-28T15:58:58.1027054Z }, 2024-10-28T15:58:58.1027689Z { 2024-10-28T15:58:58.1028231Z "Name": "Microsoft.NET.Sdk.Worker", 2024-10-28T15:58:58.1029159Z "Version": null, 2024-10-28T15:58:58.1029829Z "Type": "MSBuildSdk", 2024-10-28T15:58:58.1030510Z "EvaluationResult": null, 2024-10-28T15:58:58.1031350Z "TargetFrameworks": null, 2024-10-28T15:58:58.1032077Z "IsDevDependency": false, 2024-10-28T15:58:58.1032797Z "IsDirect": false, 2024-10-28T15:58:58.1033550Z "IsTransitive": false, 2024-10-28T15:58:58.1034225Z "IsOverride": false, 2024-10-28T15:58:58.1034998Z "IsUpdate": false, 2024-10-28T15:58:58.1035650Z "InfoUrl": null 2024-10-28T15:58:58.1036252Z } 2024-10-28T15:58:58.1036886Z ], 2024-10-28T15:58:58.1037476Z "IsSuccess": true, 2024-10-28T15:58:58.1038079Z "Properties": [ 2024-10-28T15:58:58.1038769Z { 2024-10-28T15:58:58.1039602Z "Name": "CentralPackageTransitivePinningEnabled", 2024-10-28T15:58:58.1040529Z "Value": "true", 2024-10-28T15:58:58.1041486Z "SourceFilePath": "Directory.Packages.props" 2024-10-28T15:58:58.1042353Z }, 2024-10-28T15:58:58.1042951Z { 2024-10-28T15:58:58.1043596Z "Name": "DisableImplicitNuGetFallbackFolder", 2024-10-28T15:58:58.1044449Z "Value": "true", 2024-10-28T15:58:58.1045282Z "SourceFilePath": "Directory.Build.targets" 2024-10-28T15:58:58.1046115Z }, 2024-10-28T15:58:58.1046634Z { 2024-10-28T15:58:58.1047368Z "Name": "ManagePackageVersionsCentrally", 2024-10-28T15:58:58.1048231Z "Value": "true", 2024-10-28T15:58:58.1049419Z "SourceFilePath": "Directory.Packages.props" 2024-10-28T15:58:58.1050317Z }, 2024-10-28T15:58:58.1050942Z { 2024-10-28T15:58:58.1051583Z "Name": "Nullable", 2024-10-28T15:58:58.1052269Z "Value": "enable", 2024-10-28T15:58:58.1053013Z "SourceFilePath": "Directory.Build.targets" 2024-10-28T15:58:58.1053932Z }, 2024-10-28T15:58:58.1054441Z { 2024-10-28T15:58:58.1055123Z "Name": "RestorePackagesWithLockFile", 2024-10-28T15:58:58.1055954Z "Value": "true", 2024-10-28T15:58:58.1056750Z "SourceFilePath": "Directory.Build.targets" 2024-10-28T15:58:58.1057662Z }, 2024-10-28T15:58:58.1058134Z { 2024-10-28T15:58:58.1058726Z "Name": "TargetFramework", 2024-10-28T15:58:58.1059639Z "Value": "net8.0", 2024-10-28T15:58:58.1060520Z "SourceFilePath": "ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj" 2024-10-28T15:58:58.1061496Z }, 2024-10-28T15:58:58.1062156Z { 2024-10-28T15:58:58.1062749Z "Name": "TreatWarningsAsErrors", 2024-10-28T15:58:58.1063655Z "Value": "true", 2024-10-28T15:58:58.1064400Z "SourceFilePath": "Directory.Build.targets" 2024-10-28T15:58:58.1065219Z } 2024-10-28T15:58:58.1065811Z ], 2024-10-28T15:58:58.1066348Z "TargetFrameworks": [ 2024-10-28T15:58:58.1067225Z "net8.0" 2024-10-28T15:58:58.1067883Z ], 2024-10-28T15:58:58.1068506Z "ReferencedProjectPaths": [] 2024-10-28T15:58:58.1069322Z } 2024-10-28T15:58:58.1069831Z ], 2024-10-28T15:58:58.1070432Z "DirectoryPackagesProps": { 2024-10-28T15:58:58.1071271Z "FilePath": "Directory.Packages.props", 2024-10-28T15:58:58.1072096Z "IsSuccess": true, 2024-10-28T15:58:58.1073041Z "IsTransitivePinningEnabled": false, 2024-10-28T15:58:58.1073897Z "Dependencies": [ 2024-10-28T15:58:58.1074507Z { 2024-10-28T15:58:58.1075143Z "Name": "ORGANIZATION.PrivatePackage", 2024-10-28T15:58:58.1075837Z "Version": "1.4.0", 2024-10-28T15:58:58.1076510Z "Type": "PackageVersion", 2024-10-28T15:58:58.1077307Z "EvaluationResult": { 2024-10-28T15:58:58.1078003Z "ResultType": "Success", 2024-10-28T15:58:58.1078707Z "OriginalValue": "1.4.0", 2024-10-28T15:58:58.1079536Z "EvaluatedValue": "1.4.0", 2024-10-28T15:58:58.1080273Z "RootPropertyName": null, 2024-10-28T15:58:58.1080979Z "ErrorMessage": null 2024-10-28T15:58:58.1081724Z }, 2024-10-28T15:58:58.1082276Z "TargetFrameworks": null, 2024-10-28T15:58:58.1083108Z "IsDevDependency": false, 2024-10-28T15:58:58.1083796Z "IsDirect": true, 2024-10-28T15:58:58.1084441Z "IsTransitive": false, 2024-10-28T15:58:58.1085243Z "IsOverride": false, 2024-10-28T15:58:58.1085901Z "IsUpdate": false, 2024-10-28T15:58:58.1086552Z "InfoUrl": null 2024-10-28T15:58:58.1087225Z }, 2024-10-28T15:58:58.1087713Z { 2024-10-28T15:58:58.1088365Z "Name": "JetBrains.Annotations", 2024-10-28T15:58:58.1089116Z "Version": "2024.2.0", 2024-10-28T15:58:58.1089806Z "Type": "PackageVersion", 2024-10-28T15:58:58.1090580Z "EvaluationResult": { 2024-10-28T15:58:58.1091246Z "ResultType": "Success", 2024-10-28T15:58:58.1091975Z "OriginalValue": "2024.2.0", 2024-10-28T15:58:58.1092803Z "EvaluatedValue": "2024.2.0", 2024-10-28T15:58:58.1093565Z "RootPropertyName": null, 2024-10-28T15:58:58.1094234Z "ErrorMessage": null 2024-10-28T15:58:58.1094973Z }, 2024-10-28T15:58:58.1095565Z "TargetFrameworks": null, 2024-10-28T15:58:58.1096349Z "IsDevDependency": false, 2024-10-28T15:58:58.1097030Z "IsDirect": true, 2024-10-28T15:58:58.1097700Z "IsTransitive": false, 2024-10-28T15:58:58.1098445Z "IsOverride": false, 2024-10-28T15:58:58.1099118Z "IsUpdate": false, 2024-10-28T15:58:58.1099729Z "InfoUrl": null 2024-10-28T15:58:58.1100427Z } 2024-10-28T15:58:58.1101271Z ] 2024-10-28T15:58:58.1101840Z }, 2024-10-28T15:58:58.1102379Z "GlobalJson": null, 2024-10-28T15:58:58.1103004Z "DotNetToolsJson": null, 2024-10-28T15:58:58.1103943Z "ErrorType": null, 2024-10-28T15:58:58.1104591Z "ErrorDetails": null 2024-10-28T15:58:58.1105192Z } 2024-10-28T15:58:58.3199345Z proxy | 2024/10/28 15:58:58 [182] POST /update_jobs/907771866/update_dependency_list 2024-10-28T15:58:58.3950135Z proxy | 2024/10/28 15:58:58 [182] 204 /update_jobs/907771866/update_dependency_list 2024-10-28T15:58:58.4434185Z proxy | 2024/10/28 15:58:58 [184] POST /update_jobs/907771866/increment_metric 2024-10-28T15:58:58.5025068Z proxy | 2024/10/28 15:58:58 [184] 204 /update_jobs/907771866/increment_metric 2024-10-28T15:58:58.5069899Z updater | 2024/10/28 15:58:58 INFO Starting update job for 20230029999_EYGS/dependabot-private-nuget 2024-10-28T15:58:58.5071641Z 2024/10/28 15:58:58 INFO Checking all dependencies for version updates... 2024-10-28T15:58:58.5088855Z updater | 2024/10/28 15:58:58 INFO Checking if ORGANIZATION.PrivatePackage 1.4.0 needs updating 2024-10-28T15:58:58.6154804Z proxy | 2024/10/28 15:58:58 [186] GET https://nuget.pkg.github.com:443/ORGANIZATION/index.json 2024-10-28T15:58:58.6155871Z 2024/10/28 15:58:58 [186] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:58.6228401Z proxy | 2024/10/28 15:58:58 [186] 200 https://nuget.pkg.github.com:443/ORGANIZATION/index.json 2024-10-28T15:58:58.7596051Z proxy | 2024/10/28 15:58:58 [190] GET https://nuget.pkg.github.com:443/ORGANIZATION/ORGANIZATION.PrivatePackage/index.json 2024-10-28T15:58:58.7597919Z 2024/10/28 15:58:58 [190] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:58.8929681Z proxy | 2024/10/28 15:58:58 [190] 200 https://nuget.pkg.github.com:443/ORGANIZATION/ORGANIZATION.PrivatePackage/index.json 2024-10-28T15:58:58.9139153Z updater | 2024/10/28 15:58:58 INFO Filtered out 6 pre-release versions 2024-10-28T15:58:59.0196362Z proxy | 2024/10/28 15:58:59 [192] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/ORGANIZATION.PrivatePackage/1.4.0/ORGANIZATION.PrivatePackage.1.4.0.nupkg 2024-10-28T15:58:59.0198901Z proxy | 2024/10/28 15:58:59 [192] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:59.2159024Z proxy | 2024/10/28 15:58:59 [192] 302 https://nuget.pkg.github.com:443/ORGANIZATION/download/ORGANIZATION.PrivatePackage/1.4.0/ORGANIZATION.PrivatePackage.1.4.0.nupkg 2024-10-28T15:58:59.3356947Z proxy | 2024/10/28 15:58:59 [194] GET https://nugetregistryv2prod.blob.core.windows.net:443/nugetregistryv2prod/blobs/89478311/ORGANIZATION.PrivatePackage/1.4.0/bae1f60e-9d33-454a-b0bd-c5497cb3c0b9?se=2024-10-28T16%3A03%3A59Z&sig=3h4CJx6QzrBuPzchWlPaOVkKYBQWH0ff8P6cLZR9I%2Fk%3D&sp=r&spr=https&sr=b&sv=2020-04-08 2024-10-28T15:58:59.3463646Z proxy | 2024/10/28 15:58:59 [194] 200 https://nugetregistryv2prod.blob.core.windows.net:443/nugetregistryv2prod/blobs/89478311/ORGANIZATION.PrivatePackage/1.4.0/bae1f60e-9d33-454a-b0bd-c5497cb3c0b9?se=2024-10-28T16%3A03%3A59Z&sig=3h4CJx6QzrBuPzchWlPaOVkKYBQWH0ff8P6cLZR9I%2Fk%3D&sp=r&spr=https&sr=b&sv=2020-04-08 2024-10-28T15:58:59.3781184Z updater | 2024/10/28 15:58:59 INFO Latest version is 1.4.0 2024-10-28T15:58:59.3800359Z updater | 2024/10/28 15:58:59 INFO No update needed for ORGANIZATION.PrivatePackage 1.4.0 2024-10-28T15:58:59.3802079Z updater | 2024/10/28 15:58:59 INFO Checking if JetBrains.Annotations 2024.2.0 needs updating 2024-10-28T15:58:59.4836659Z proxy | 2024/10/28 15:58:59 [196] GET https://nuget.pkg.github.com:443/ORGANIZATION/jetbrains.annotations/index.json 2024-10-28T15:58:59.4838816Z 2024/10/28 15:58:59 [196] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:59.4992536Z proxy | 2024/10/28 15:58:59 [196] 404 https://nuget.pkg.github.com:443/ORGANIZATION/jetbrains.annotations/index.json 2024-10-28T15:58:59.7273833Z proxy | 2024/10/28 15:58:59 [198] GET https://api.nuget.org:443/v3/registration5-gz-semver2/jetbrains.annotations/index.json 2024-10-28T15:58:59.7822477Z proxy | 2024/10/28 15:58:59 [198] 200 https://api.nuget.org:443/v3/registration5-gz-semver2/jetbrains.annotations/index.json 2024-10-28T15:58:59.8108036Z updater | 2024/10/28 15:58:59 INFO Filtered out 15 pre-release versions 2024-10-28T15:58:59.9317033Z proxy | 2024/10/28 15:58:59 [200] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/jetbrains.annotations/2024.2.0/jetbrains.annotations.2024.2.0.nupkg 2024-10-28T15:58:59.9319034Z proxy | 2024/10/28 15:58:59 [200] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:58:59.9481038Z proxy | 2024/10/28 15:58:59 [200] 404 https://nuget.pkg.github.com:443/ORGANIZATION/download/jetbrains.annotations/2024.2.0/jetbrains.annotations.2024.2.0.nupkg 2024-10-28T15:59:00.0520368Z proxy | 2024/10/28 15:59:00 [202] GET https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.2.0/jetbrains.annotations.nuspec 2024-10-28T15:59:00.0593177Z proxy | 2024/10/28 15:59:00 [202] 200 https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.2.0/jetbrains.annotations.nuspec 2024-10-28T15:59:00.0632597Z updater | 2024/10/28 15:59:00 INFO Latest version is 2024.3.0 2024-10-28T15:59:00.0667311Z updater | 2024/10/28 15:59:00 INFO Requirements to unlock all 2024-10-28T15:59:00.0668675Z updater | 2024/10/28 15:59:00 INFO Requirements update strategy 2024-10-28T15:59:00.0682136Z updater | Finding updated dependencies for JetBrains.Annotations. 2024-10-28T15:59:00.1795365Z proxy | 2024/10/28 15:59:00 [204] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/jetbrains.annotations/2024.3.0/jetbrains.annotations.2024.3.0.nupkg 2024-10-28T15:59:00.1798239Z 2024/10/28 15:59:00 [204] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:59:00.1954959Z proxy | 2024/10/28 15:59:00 [204] 404 https://nuget.pkg.github.com:443/ORGANIZATION/download/jetbrains.annotations/2024.3.0/jetbrains.annotations.2024.3.0.nupkg 2024-10-28T15:59:00.2994490Z proxy | 2024/10/28 15:59:00 [206] GET https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.3.0/jetbrains.annotations.nuspec 2024-10-28T15:59:00.3098240Z proxy | 2024/10/28 15:59:00 [206] 200 https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.3.0/jetbrains.annotations.nuspec 2024-10-28T15:59:00.4154831Z proxy | 2024/10/28 15:59:00 [208] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/system.runtime/4.1.0/system.runtime.4.1.0.nupkg 2024-10-28T15:59:00.4156715Z 2024/10/28 15:59:00 [208] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:59:00.4756313Z proxy | 2024/10/28 15:59:00 [208] 404 https://nuget.pkg.github.com:443/ORGANIZATION/download/system.runtime/4.1.0/system.runtime.4.1.0.nupkg 2024-10-28T15:59:00.5795854Z proxy | 2024/10/28 15:59:00 [210] GET https://api.nuget.org:443/v3-flatcontainer/system.runtime/4.1.0/system.runtime.nuspec 2024-10-28T15:59:00.5890978Z proxy | 2024/10/28 15:59:00 [210] 200 https://api.nuget.org:443/v3-flatcontainer/system.runtime/4.1.0/system.runtime.nuspec 2024-10-28T15:59:00.6956146Z proxy | 2024/10/28 15:59:00 [212] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/microsoft.netcore.platforms/1.0.1/microsoft.netcore.platforms.1.0.1.nupkg 2024-10-28T15:59:00.6958420Z 2024/10/28 15:59:00 [212] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:59:00.7135591Z proxy | 2024/10/28 15:59:00 [212] 404 https://nuget.pkg.github.com:443/ORGANIZATION/download/microsoft.netcore.platforms/1.0.1/microsoft.netcore.platforms.1.0.1.nupkg 2024-10-28T15:59:00.8194818Z proxy | 2024/10/28 15:59:00 [214] GET https://api.nuget.org:443/v3-flatcontainer/microsoft.netcore.platforms/1.0.1/microsoft.netcore.platforms.nuspec 2024-10-28T15:59:00.8289877Z proxy | 2024/10/28 15:59:00 [214] 200 https://api.nuget.org:443/v3-flatcontainer/microsoft.netcore.platforms/1.0.1/microsoft.netcore.platforms.nuspec 2024-10-28T15:59:00.9358152Z proxy | 2024/10/28 15:59:00 [216] GET https://nuget.pkg.github.com:443/ORGANIZATION/download/microsoft.netcore.targets/1.0.1/microsoft.netcore.targets.1.0.1.nupkg 2024-10-28T15:59:00.9360362Z proxy | 2024/10/28 15:59:00 [216] * authenticating nuget feed request (host: nuget.pkg.github.com, basic auth) 2024-10-28T15:59:00.9515359Z proxy | 2024/10/28 15:59:00 [216] 404 https://nuget.pkg.github.com:443/ORGANIZATION/download/microsoft.netcore.targets/1.0.1/microsoft.netcore.targets.1.0.1.nupkg 2024-10-28T15:59:01.0636068Z proxy | 2024/10/28 15:59:01 [218] GET https://api.nuget.org:443/v3-flatcontainer/microsoft.netcore.targets/1.0.1/microsoft.netcore.targets.nuspec 2024-10-28T15:59:01.0799863Z proxy | 2024/10/28 15:59:01 [218] 200 https://api.nuget.org:443/v3-flatcontainer/microsoft.netcore.targets/1.0.1/microsoft.netcore.targets.nuspec 2024-10-28T15:59:01.0877030Z updater | 2024/10/28 15:59:01 INFO Updating JetBrains.Annotations from 2024.2.0 to 2024.3.0 2024-10-28T15:59:01.1009422Z updater | running NuGet updater: 2024-10-28T15:59:01.1012115Z /opt/nuget/NuGetUpdater/NuGetUpdater.Cli update --repo-root /home/dependabot/dependabot-updater/repo --solution-or-project /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj --dependency JetBrains.Annotations --new-version 2024.3.0 --previous-version 2024.2.0 --result-output-path /tmp/update-result.json 2024-10-28T15:59:03.8217448Z updater | No dotnet-tools.json file found. 2024-10-28T15:59:03.8218330Z No global.json file found. 2024-10-28T15:59:03.8219313Z Running for project file [ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj] 2024-10-28T15:59:03.8220885Z Updating project [/home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj] 2024-10-28T15:59:03.8222600Z Running 'PackageReference' project direct XML update 2024-10-28T15:59:03.8223995Z dotnet build in GetAllPackageDependenciesAsync failed. STDOUT: Determining projects to restore... 2024-10-28T15:59:03.8227168Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'JetBrains.Annotations (= 2024.2.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8231131Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8235012Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration.Binder (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8239241Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8243381Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Messaging.EventHubs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8247183Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Storage.Blobs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8250914Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Identity (>= 1.13.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8254624Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs.Processor (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8261668Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Storage.Blobs (>= 12.22.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8265577Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Azure (>= 1.7.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8269871Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8273938Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Logging (>= 8.0.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8278039Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Options.DataAnnotations (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8282149Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'MiniValidation (>= 0.9.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8286092Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'OpenTelemetry.Extensions.Hosting (>= 1.9.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8290461Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'StrawberryShake.Server (>= 13.9.14)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8294152Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'System.Text.Json (>= 8.0.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8298040Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.WindowsDesktop.App.Ref (= 8.0.8)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8300973Z Failed to restore /tmp/package-dependency-resolution_WfDqFN/Project.csproj (in 159 ms). 2024-10-28T15:59:03.8301923Z 2024-10-28T15:59:03.8302149Z Build FAILED. 2024-10-28T15:59:03.8302582Z 2024-10-28T15:59:03.8304484Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'JetBrains.Annotations (= 2024.2.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8312369Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8316405Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration.Binder (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8320930Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8325315Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Messaging.EventHubs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8329515Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Storage.Blobs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8333501Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Identity (>= 1.13.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8337537Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs.Processor (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8341633Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Azure.Storage.Blobs (>= 12.22.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8345587Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Azure (>= 1.7.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8351072Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8355228Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Logging (>= 8.0.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8359802Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Options.DataAnnotations (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8363896Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'MiniValidation (>= 0.9.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8367618Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'OpenTelemetry.Extensions.Hosting (>= 1.9.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8371347Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'StrawberryShake.Server (>= 13.9.14)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8375045Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'System.Text.Json (>= 8.0.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8378708Z /tmp/package-dependency-resolution_WfDqFN/Project.csproj : error NU1100: Unable to resolve 'Microsoft.WindowsDesktop.App.Ref (= 8.0.8)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8380819Z 0 Warning(s) 2024-10-28T15:59:03.8381464Z 18 Error(s) 2024-10-28T15:59:03.8381797Z 2024-10-28T15:59:03.8382011Z Time Elapsed 00:00:00.83 2024-10-28T15:59:03.8382497Z 2024-10-28T15:59:03.8382790Z STDERR: 2024-10-28T15:59:03.8383108Z 2024-10-28T15:59:03.8384393Z Package [JetBrains.Annotations] Does not exist as a dependency in [/home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj]. 2024-10-28T15:59:03.8385990Z Updating lock file 2024-10-28T15:59:03.8386945Z Lock file update failed. 2024-10-28T15:59:03.8387562Z STDOUT: 2024-10-28T15:59:03.8388380Z Determining projects to restore... 2024-10-28T15:59:03.8391179Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'JetBrains.Annotations (>= 2024.2.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8395439Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8399970Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration.Binder (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8404674Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.DependencyInjection.Abstractions (>= 8.0.2)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8409329Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Messaging.EventHubs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8413796Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Aspire.Azure.Storage.Blobs (>= 8.2.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8418227Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Azure.Identity (>= 1.13.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8422589Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Azure.Messaging.EventHubs.Processor (>= 5.11.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8427153Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Azure.Storage.Blobs (>= 12.22.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8431457Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Azure (>= 1.7.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8436047Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Configuration (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8440521Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Logging (>= 8.0.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8445142Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'Microsoft.Extensions.Options.DataAnnotations (>= 8.0.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8449483Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'MiniValidation (>= 0.9.1)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8453979Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'OpenTelemetry.Extensions.Hosting (>= 1.9.0)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8458441Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'StrawberryShake.Server (>= 13.9.14)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8462573Z /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj : error NU1100: Unable to resolve 'System.Text.Json (>= 8.0.5)' for 'net8.0'. PackageSourceMapping is enabled, the following source(s) were not considered: github. 2024-10-28T15:59:03.8465627Z Failed to restore /home/dependabot/dependabot-updater/repo/ORGANIZATION.Raptor.MAD.SnapshotExporter.csproj (in 211 ms). 2024-10-28T15:59:03.8467080Z 2024-10-28T15:59:03.8467096Z 2024-10-28T15:59:03.8467311Z STDERR: 2024-10-28T15:59:03.8467627Z 2024-10-28T15:59:03.8467636Z 2024-10-28T15:59:03.8467843Z Update complete. 2024-10-28T15:59:03.8468802Z Writing update result to [/tmp/update-result.json]. 2024-10-28T15:59:03.8469831Z updater | 2024/10/28 15:59:03 INFO update result: { 2024-10-28T15:59:03.8470745Z "ErrorType": null, 2024-10-28T15:59:03.8471431Z "ErrorDetails": null 2024-10-28T15:59:03.8471990Z } 2024-10-28T15:59:03.8472757Z updater | The contents of file [packages.lock.json] were updated. 2024-10-28T15:59:03.8474216Z 2024/10/28 15:59:03 INFO Submitting JetBrains.Annotations pull request for creation 2024-10-28T15:59:04.0643773Z proxy | 2024/10/28 15:59:04 [220] GET https://api.github.com:443/repos/20230029999_EYGS/dependabot-private-nuget/commits?per_page=100 2024-10-28T15:59:04.0645383Z proxy | 2024/10/28 15:59:04 [220] * authenticating github api request with token for api.github.com 2024-10-28T15:59:04.1863711Z proxy | 2024/10/28 15:59:04 [220] 200 https://api.github.com:443/repos/20230029999_EYGS/dependabot-private-nuget/commits?per_page=100 2024-10-28T15:59:04.3037825Z proxy | 2024/10/28 15:59:04 [222] GET https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.3.0/jetbrains.annotations.nuspec 2024-10-28T15:59:04.3040933Z proxy | 2024/10/28 15:59:04 [222] 200 https://api.nuget.org:443/v3-flatcontainer/jetbrains.annotations/2024.3.0/jetbrains.annotations.nuspec 2024-10-28T15:59:04.3641893Z proxy | 2024/10/28 15:59:04 [224] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/releases?per_page=100 2024-10-28T15:59:04.3643752Z proxy | 2024/10/28 15:59:04 [224] * authenticating github api request with token for api.github.com 2024-10-28T15:59:04.4703437Z proxy | 2024/10/28 15:59:04 [224] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/releases?per_page=100 2024-10-28T15:59:04.5177204Z proxy | 2024/10/28 15:59:04 [226] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/contents/ 2024-10-28T15:59:04.5178776Z proxy | 2024/10/28 15:59:04 [226] * authenticating github api request with token for api.github.com 2024-10-28T15:59:04.6035976Z proxy | 2024/10/28 15:59:04 [226] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/contents/ 2024-10-28T15:59:04.7237628Z proxy | 2024/10/28 15:59:04 [228] GET https://github.com:443/JetBrains/JetBrains.Annotations.git/info/refs?service=git-upload-pack 2024-10-28T15:59:04.7239271Z 2024/10/28 15:59:04 [228] * authenticating git server request (host: github.com) 2024-10-28T15:59:04.7966563Z proxy | 2024/10/28 15:59:04 [228] 200 https://github.com:443/JetBrains/JetBrains.Annotations.git/info/refs?service=git-upload-pack 2024-10-28T15:59:04.8101869Z proxy | 2024/10/28 15:59:04 [230] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/contents/?ref=2024.3 2024-10-28T15:59:04.8103881Z 2024/10/28 15:59:04 [230] * authenticating github api request with token for api.github.com 2024-10-28T15:59:04.9000762Z proxy | 2024/10/28 15:59:04 [230] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/contents/?ref=2024.3 2024-10-28T15:59:05.0074703Z proxy | 2024/10/28 15:59:05 [232] GET https://github.com:443/JetBrains/JetBrains.Annotations.git/info/refs?service=git-upload-pack 2024-10-28T15:59:05.0077263Z 2024/10/28 15:59:05 [232] 200 https://github.com:443/JetBrains/JetBrains.Annotations.git/info/refs?service=git-upload-pack 2024-10-28T15:59:05.0570797Z proxy | 2024/10/28 15:59:05 [234] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.0572514Z proxy | 2024/10/28 15:59:05 [234] * authenticating github api request with token for api.github.com 2024-10-28T15:59:05.1968327Z proxy | 2024/10/28 15:59:05 [234] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.2322822Z proxy | 2024/10/28 15:59:05 [236] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.2324813Z proxy | 2024/10/28 15:59:05 [236] * authenticating github api request with token for api.github.com 2024-10-28T15:59:05.3571282Z proxy | 2024/10/28 15:59:05 [236] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.3841174Z proxy | 2024/10/28 15:59:05 [238] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.3843293Z proxy | 2024/10/28 15:59:05 [238] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.4046566Z proxy | 2024/10/28 15:59:05 [240] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.4049045Z proxy | 2024/10/28 15:59:05 [240] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.4332610Z proxy | 2024/10/28 15:59:05 [242] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.4334956Z proxy | 2024/10/28 15:59:05 [242] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.2 2024-10-28T15:59:05.4553667Z proxy | 2024/10/28 15:59:05 [244] GET https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.4555918Z proxy | 2024/10/28 15:59:05 [244] 200 https://api.github.com:443/repos/JetBrains/JetBrains.Annotations/commits?sha=2024.3 2024-10-28T15:59:05.5303544Z proxy | 2024/10/28 15:59:05 [246] POST /update_jobs/907771866/create_pull_request 2024-10-28T15:59:05.8394329Z proxy | 2024/10/28 15:59:05 [246] 204 /update_jobs/907771866/create_pull_request 2024-10-28T15:59:05.8873805Z proxy | 2024/10/28 15:59:05 [248] PATCH /update_jobs/907771866/mark_as_processed 2024-10-28T15:59:05.9849091Z proxy | 2024/10/28 15:59:05 [248] 204 /update_jobs/907771866/mark_as_processed 2024-10-28T15:59:05.9862106Z updater | 2024/10/28 15:59:05 INFO Finished job processing 2024-10-28T15:59:05.9876148Z updater | 2024/10/28 15:59:05 INFO Results: 2024-10-28T15:59:05.9877183Z +---------------------------------------------------------------+ 2024-10-28T15:59:05.9877789Z | Changes to Dependabot Pull Requests | 2024-10-28T15:59:05.9878521Z +---------+-----------------------------------------------------+ 2024-10-28T15:59:05.9879106Z | created | JetBrains.Annotations ( from 2024.2.0 to 2024.3.0 ) | 2024-10-28T15:59:05.9879743Z +---------+-----------------------------------------------------+ 2024-10-28T15:59:06.1580606Z Cleaned up container 07a59edb31e1c547d850142ce0b3c2511906b88ae318750470a477fc0af26b6d 2024-10-28T15:59:06.1695859Z proxy | 2024/10/28 15:59:06 Posting metrics to remote API endpoint 2024-10-28T15:59:06.1696944Z 2024/10/28 15:59:06 58/123 calls cached (47%) 2024-10-28T15:59:06.6442822Z 🤖 ~ finished ~ ```

Smallest manifest that reproduces the issue

No response

[brettfo]

Thank you for the logs. I'll have to experiment a bit, but it looks like you're correct; the package mapping caused some issues that it couldn't recover from (like blanking out the lock file).

[skolima]

Regarding the packageSourceMapping, I managed to find a workaround, but it'd be nice to have this somehow mentioned in the documentation.

I've explicitly added the original nuget feed to dependabot.yml as the second nuget feed:

public-nuget:
    type: nuget-feed
    url: https://api.nuget.org/v3/index.json

It then gets passed on by Dependabot to NuGet build as nuget_source_2 so I configured my source mappings to use that:

<configuration>
  <packageSources>
    <add key="github" value="https://nuget.pkg.github.com/ORGANIZATION/index.json" />
    <add key="nuget_source_2" value=https://api.nuget.org/v3/index.json />
  </packageSources>
  <packageSourceMapping>
    <packageSource key="nuget_source_2">
      <package pattern="*" />
    </packageSource>
    <packageSource key="github">
      <package pattern="ORGANIZATION.*" />
    </packageSource>
  </packageSourceMapping>
</configuration>

This works, though it feels rather clunky. The empty package.lock.json files when there are transient dependencies issue - still remains. There's also another report for it: https://github.com/dependabot/dependabot-core/issues/10863

[brettfo]

Thanks for the information, it should give me a place to start investigating.