search

dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License
4.74k stars 1.03k forks source link

Dependabot configured, but shows 'Dependabot version updates aren't configured yet' #7357

Open valentincpopa opened 1 year ago

valentincpopa commented 1 year ago

Is there an existing issue for this?

Package ecosystem

nuget

Package manager version

nuget 6.4.0.117 locally

Language version

C# 11

Manifest location and content before the Dependabot update

https://github.com/valentincpopa/reddit-image-bot/blob/master/src/RedditImageBot.csproj

dependabot.yml content

https://github.com/valentincpopa/reddit-image-bot/blob/master/.github/dependabot.yml

Updated dependency

No response

What you expected to see, versus what you actually saw

expected: dependabot to be shown as configured in the insights tab actual result: image

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

valentincpopa commented 1 year ago

Seems to be related to #5112 and #6600. I tried updating dependabot.yml multiple times, but I can't figure out why it wouldn't check for updates and create a PR. It may be worth mentioning that in a first attempt to configure dependabot, I copied some configuration from somewhere and it looked like there were some 'illegal' yaml characters: “, —, etc.

jakecoffman commented 1 year ago

Have you ever renamed your account? If so what was the previous username?

valentincpopa commented 1 year ago

Yes, it was 'spancky' before.

jakecoffman commented 1 year ago

Sorry for the delay in responding.

It looks like Dependabot doesn't know about either account name, so I can't do much.

Can you try going into the repo settings and toggling Dependabot alerts and Security Updates off an on? That should resend the message on the backend to install Dependabot so we can try to fix this up.

valentincpopa commented 1 year ago

No worries, thanks for helping.

I did turn the dependabot settings off and on again, but nothing happened on my side :D (also updated the dependabot.yml file, maybe that helps as well?)

Blacksmoke16 commented 1 year ago

Any other ideas? I'm running into a similar problem with a repo that was moved into an org in the past. Enabling/disabling alerts/security updates didn't seem to help.

bisskar commented 6 months ago

Any news? Having the same issue.

rivenintech commented 3 weeks ago

I had the same issue. What worked for me was deleting the dependabot.yml file, committing the change and then creating a new dependabot.yml config file through the Insights tab >Dependabot > Configure.