Open pzygielo opened 2 years ago
Closing due to lack of response.
@pzygielo I'm so sorry we failed to provide some response to you on time. Is this the same as #4652? If so, we'll track resolution there, so feel free to subscribe! :)
Is this the same as #4652?
It's possible. I can't remember why I found this one worth submitting as new. Maybe because this is about rebase
and that is about recreate
? Not sure today.
If 4652 is solved I will be very happy to update my reproducer (if necessary) and test it.
Thanks for checking.
Awesome, thanks @pzygielo!
I observe (not sure - still or again) bad commit message and title not updated:
rebase
command.The commit changes but the commit message does not correspond to that
recreate
does not work much better unfortunately.
This is still the case.
The original change:
diff --git a/pom.xml b/pom.xml
index ce7c88da..2f160508 100644
--- a/pom.xml
+++ b/pom.xml
@@ -245,7 +245,7 @@
<dependency>
<groupId>org.htmlunit</groupId>
<artifactId>htmlunit</artifactId>
- <version>3.0.0</version>
+ <version>3.11.0</version>
<scope>test</scope>
</dependency>
<dependency>
This update was accompanied by the parallel PR, also dependabot-generated, for security issue to update htmlunit from 3.0.0 to 3.0.9. The update to 3.0.9 was picked first and merged, which caused conflict and triggered auto-rebase of PR for upgrade to 3.11.0.
Final diff after auto-rebase:
diff --git a/pom.xml b/pom.xml
index b8909a91..2f160508 100644
--- a/pom.xml
+++ b/pom.xml
@@ -245,7 +245,7 @@
<dependency>
<groupId>org.htmlunit</groupId>
<artifactId>htmlunit</artifactId>
- <version>3.9.0</version>
+ <version>3.11.0</version>
<scope>test</scope>
</dependency>
<dependency>
Commit message (not updated):
Bump org.htmlunit:htmlunit from 3.0.0 to 3.11.0
Bumps [org.htmlunit:htmlunit](https://github.com/HtmlUnit/htmlunit) from 3.0.0 to 3.11.0.
- [Release notes](https://github.com/HtmlUnit/htmlunit/releases)
- [Commits](https://github.com/HtmlUnit/htmlunit/compare/3.0.0...3.11.0)
---
updated-dependencies:
- dependency-name: org.htmlunit:htmlunit
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
PR title not updated: Bump org.htmlunit:htmlunit from 3.0.0 to 3.11.0 (does not reflect the change)
PR description also not updated.
recreate
command didn't help.
proxy | 2024/03/18 12:01:48 proxy starting, commit: cf8623577dad71c128f219df2b27df6de35b909d
proxy | 2024/03/18 12:01:48 Listening (:1080)
updater | 2024-03-18T12:01:50.331676765 [801645911:main:WARN:src/devices/src/legacy/serial.rs:222] Detached the serial input due to peer close/error.
updater | time="2024-03-18T12:01:57Z" level=info msg="guest starting" commit=6ee2dfdd9de690457a831bc6c065b2ec4acdd0b7
updater | time="2024-03-18T12:01:57Z" level=info msg="starting job..." fetcher_timeout=10m0s job_id=801645911 updater_timeout=45m0s updater_version=b05fe6a2dbfc438d451636d266c7f865e4cbad22-maven
updater | 2024/03/18 12:02:21 INFO <job_801645911> Starting job processing
...
updater | 2024/03/18 12:02:45 INFO <job_801645911> Latest version is 3.11.0
updater | 2024/03/18 12:02:45 INFO <job_801645911> Requirements to unlock own
updater | 2024/03/18 12:02:45 INFO <job_801645911> Requirements update strategy
updater | 2024/03/18 12:02:45 INFO <job_801645911> Updating org.htmlunit:htmlunit from 3.9.0 to 3.11.0
updater | 2024/03/18 12:02:46 INFO <job_801645911> Submitting org.htmlunit:htmlunit pull request for update
updater | 2024/03/18 12:02:46 INFO <job_801645911> Finished job processing
updater | 2024/03/18 12:02:46 INFO Results:
updater | +----------------------------------------------------------+
updater | | Changes to Dependabot Pull Requests |
updater | +---------+------------------------------------------------+
updater | | updated | org.htmlunit:htmlunit ( from 3.9.0 to 3.11.0 ) |
What are the chances to have it fixed?
From 09a42b468de80ba3d00d64b7d1da9afc836d56a9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 18 Jul 2024 08:42:30 +0000
Subject: [PATCH] Bump com.google.errorprone:error_prone_core from 2.28.0 to
2.29.1
Bumps [com.google.errorprone:error_prone_core](https://github.com/google/error-prone) from 2.28.0 to 2.29.1.
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](https://github.com/google/error-prone/compare/v2.28.0...v2.29.1)
---
updated-dependencies:
- dependency-name: com.google.errorprone:error_prone_core
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
All as bad as above.
What are the chances to have it fixed?
The log:
updater | time="2024-08-29T10:07:16Z" level=info msg="starting job..." fetcher_timeout=10m0s job_id=875933440 updater_timeout=45m0s updater_version=5e11c489279bbdb62fa17cda665207a81e90a19a-maven
...
updater | 2024/08/29 10:07:25 INFO <job_875933440> Updating com.google.errorprone:error_prone_core from 2.30.0 to 2.31.0
...
updater | +----------------------------------------------------------------------------+
updater | | Changes to Dependabot Pull Requests |
updater | +---------+------------------------------------------------------------------+
updater | | updated | com.google.errorprone:error_prone_core ( from 2.30.0 to 2.31.0 ) |
updater | +---------+------------------------------------------------------------------+
updater | time="2024-08-29T10:07:26Z" level=info msg="task complete" container_id=job-875933440-updater exit_code=0 job_id=875933440 step=updater
which is correct in the matter of versions (actual change 2.30.0 -> 2.31.0). But the commit message, PR title and PR description are left incorrect as Bump com.google.errorprone:error_prone_core from 2.29.2 to 2.31.0
.
In the meantime PR description is updated for adding the 'Dependabot is rebasing this PR...' message, and for removing it. But other content is left in old, incorrect version.
Package ecosystem maven
Manifest location and content prior to update https://github.com/pzrep/dependabot-commit-message/blob/master/pom.xml
dependabot.yml content https://github.com/pzrep/dependabot-commit-message/blob/master/.github/dependabot.yml
Updated dependency
net.sf.saxon
:Saxon-HE
:10.6
->11.2
What you expected to see, versus what you actually saw
commit message
Expected:
Actual:
Images of the diff or a link to the PR, issue or logs https://github.com/pzrep/dependabot-commit-message/pull/1/files
🕹 Bonus points: Smallest manifest that reproduces the issue https://github.com/pzrep/dependabot-commit-message
This seems related - https://github.com/dependabot/dependabot-core/issues/4652#issuecomment-1021724508
This is wrong expectation if the dependency under the change was updated in the meantime. PR title can be updated by repo maintainer, but not the commit message, which sometimes has content based on the version before update (not shown in linked reproducer).