dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License

Dependabot fails to update all private repository dependencies when it lacks access to a single one #8433

Open robmonte opened 11 months ago

robmonte commented 11 months ago

Is there an existing issue for this?


Package ecosystem

gomod


Package manager version

No response


Language version

1.21.4


Manifest location and content before the Dependabot update

go.mod:

```
module github.com/robmonte-org/test-app

go 1.21.4

require (
    github.com/robmonte-org/private-repo-1 v0.1.0
    github.com/robmonte-org/private-repo-2 v0.1.0
)
```

dependabot.yml content

```
version: 2

registries:
  github:
    type: git
    url: https://github.com
    username: x-access-token
    password: ${{ secrets.DEPENDABOT_ACCESS_TOKEN }}

updates:
  - package-ecosystem: gomod
    directory: "/"
    schedule:
      interval: daily
    registries:
      - github
```

Updated dependency

None were updated.

Expected to be updated:

- github.com/robmonte-org/private-repo-1 from v0.1.0 to v0.2.0
- github.com/robmonte-org/private-repo-2 from v0.1.0 to v0.2.0


What you expected to see, versus what you actually saw

Summary

I have a test application named test-app that imports two private repositories as go dependencies. The two private repositories are called private-repo-1 and private-repo-2.

The test-app is currently using v0.1.0 of both of the private deps, but both repos have v0.2.0 available for update. Dependabot is configured with the above dependabot.yml content which uses a PAT for access to the private repos. However, only private-repo-1 is granted access on the PAT.

 

Expected behavior

Dependabot should successfully create a Pull Request with the update to v0.2.0 for private-repo-1 because it has access, while doing nothing with private-repo-2 because it cannot access it.

 

Actual behavior

What is happening instead is Dependabot fails to update both of the dependencies. If you look at the Entire Dependabot Update Log I included, you can see that it successfully accesses and updates private-repo-1 during execution.

Here are snippets of specific steps of the log starting with private-repo-1:

```
⋮
updater | 2023/11/19 05:01:24 INFO <job_751537323> Checking if github.com/robmonte-org/private-repo-1 0.1.0 needs updating
  proxy | 2023/11/19 05:01:24 [017] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [017] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
updater | 2023/11/19 05:01:24 INFO <job_751537323> Latest version is 0.2.0
updater | 2023/11/19 05:01:24 INFO <job_751537323> Updating github.com/robmonte-org/private-repo-1 from 0.1.0 to 0.2.0
⋮
```

Then it attempts private-repo-2 and fails:

```
⋮
updater | 2023/11/19 05:01:25 INFO <job_751537323> Checking if github.com/robmonte-org/private-repo-2 0.1.0 needs updating
  proxy | 2023/11/19 05:01:26 [036] GET https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:26 [036] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
⋮
  proxy | 2023/11/19 05:01:26 [042] GET https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:26 [042] 404 https://github.com:443/robmonte-org/private-repo-2
⋮
  proxy | 2023/11/19 05:01:26 [042] WARN: Cannot write TLS response body from mitm'd client: write tcp 192.168.1.1:1080->192.168.1.2:42818: write: connection reset by peer
updater | 2023/11/19 05:01:26 INFO <job_751537323> Handled error whilst updating github.com/robmonte-org/private-repo-2: git_dependencies_not_reachable {:"dependency-urls"=>["github.com/robmonte-org/private-repo-2"]}
⋮
```

At this point, it is done with its attempts and moves to finish the job. For some reason at this point, Dependabot decides that both dependencies had errors, lists both as unreachable, and exits with zero PRs created:

```
⋮
updater | 2023/11/19 05:01:26 INFO Results:
updater | Dependabot encountered '2' error(s) during execution, please check the logs for more details.
updater | +-------------------------------------------------------------------------+
updater | |                      Dependencies failed to update                      |
updater | +------------------------------------------------+------------------------+
updater | | github.com/robmonte-org/private-repo-1 | git_dependencies_not_reachable |
updater | | github.com/robmonte-org/private-repo-2 | git_dependencies_not_reachable |
updater | +------------------------------------------------+------------------------+
```

Native package manager behavior

No response


Images of the diff or a link to the PR, issue, or logs

Entire update log provided in this collapsible box:

Dependabot Update Log

```
  proxy | 2023/11/19 05:01:15 proxy starting, commit: abc
  proxy | 2023/11/19 05:01:15 Listening (:1080)
updater | 2023-11-19T05:01:16.304610473 [751537323:main:WARN:src/devices/src/legacy/serial.rs:222] Detached the serial input due to peer close/error.
updater | time="2023-11-19T05:01:18Z" level=info msg="guest starting" commit=abc
updater | time="2023-11-19T05:01:18Z" level=info msg="starting job..." fetcher_timeout=10m0s job_id=751537323 updater_timeout=45m0s updater_version=5e9b4a86f1855d7d43c9711d2ded3cd338137b87-gomod
updater | 2023/11/19 05:01:19 INFO Raven 3.1.2 ready to catch errors
updater | 2023/11/19 05:01:20 INFO Starting job processing
  proxy | 2023/11/19 05:01:20 [002] GET https://github.com:443/robmonte-org/test-app/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:20 [002] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:20 [002] 403 https://github.com:443/robmonte-org/test-app/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:20 [002] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:20 [002] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:20 [002] * re-auth'd request returned 200, replacing response
  proxy | 2023/11/19 05:01:20 [003] POST https://github.com:443/robmonte-org/test-app/git-upload-pack
  proxy | 2023/11/19 05:01:20 [003] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:20 [003] 403 https://github.com:443/robmonte-org/test-app/git-upload-pack
  proxy | 2023/11/19 05:01:20 [003] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:20 [003] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:21 [003] * re-auth'd request returned 200, replacing response
  proxy | 2023/11/19 05:01:21 [004] POST https://github.com:443/robmonte-org/test-app/git-upload-pack
  proxy | 2023/11/19 05:01:21 [004] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:21 [004] 403 https://github.com:443/robmonte-org/test-app/git-upload-pack
  proxy | 2023/11/19 05:01:21 [004] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:21 [004] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:21 [004] * re-auth'd request returned 200, replacing response
updater | 2023/11/19 05:01:21 INFO Finished job processing
updater | time="2023-11-19T05:01:22Z" level=info msg="task complete" container_id=job-751537323-file-fetcher exit_code=0 job_id=751537323 step=fetcher
updater | 2023/11/19 05:01:23 INFO Raven 3.1.2 ready to catch errors
updater | 2023/11/19 05:01:23 INFO Starting job processing
updater | 2023/11/19 05:01:24 INFO Starting update job for robmonte-org/test-app
updater | 2023/11/19 05:01:24 INFO Checking all dependencies for version updates...
updater | 2023/11/19 05:01:24 INFO Checking if github.com/robmonte-org/private-repo-1 0.1.0 needs updating
  proxy | 2023/11/19 05:01:24 [012] GET https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [012] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [012] 200 https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [013] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [013] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [013] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [015] GET https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [015] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [015] 200 https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [016] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [016] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [016] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [017] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [017] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [017] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
updater | 2023/11/19 05:01:24 INFO Latest version is 0.2.0
updater | 2023/11/19 05:01:24 INFO Requirements to unlock own
updater | 2023/11/19 05:01:24 INFO Requirements update strategy
updater | 2023/11/19 05:01:24 INFO Updating github.com/robmonte-org/private-repo-1 from 0.1.0 to 0.2.0
  proxy | 2023/11/19 05:01:24 [019] GET https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [019] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [021] GET https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [021] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [021] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [021] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:24 [021] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:24 [019] 200 https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:24 [022] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:24 [022] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:24 [021] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [024] GET https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:25 [024] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [024] 404 https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:25 [024] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:25 [022] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [026] GET https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:25 [026] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [024] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [024] * auth'd git request returned 404, retrying without auth
  proxy | 2023/11/19 05:01:25 [024] * de-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [024] WARN: Cannot write TLS response body from mitm'd client: write tcp 192.168.1.1:1080->192.168.1.2:42744: write: connection reset by peer
  proxy | 2023/11/19 05:01:25 [026] 200 https://github.com:443/robmonte-org/private-repo-1/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:25 [027] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [027] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [027] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [028] POST https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [028] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [028] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [030] GET https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:25 [030] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [030] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:25 [030] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:25 [030] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:25 [030] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [032] GET https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:25 [032] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:25 [032] 404 https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:25 [032] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:25 [032] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [032] * auth'd git request returned 404, retrying without auth
  proxy | 2023/11/19 05:01:25 [032] * de-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:25 [032] WARN: Cannot write TLS response body from mitm'd client: write tcp 192.168.1.1:1080->192.168.1.2:42772: write: connection reset by peer
updater | 2023/11/19 05:01:25 INFO Handled error whilst updating github.com/robmonte-org/private-repo-1: git_dependencies_not_reachable {:"dependency-urls"=>["github.com/robmonte-org/private-repo-2"]}
updater | 2023/11/19 05:01:25 INFO Checking if github.com/robmonte-org/private-repo-2 0.1.0 needs updating
  proxy | 2023/11/19 05:01:26 [036] GET https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:26 [036] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:26 [036] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:26 [036] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:26 [036] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:26 [036] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [038] GET https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:26 [038] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:26 [038] 404 https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:26 [038] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:26 [038] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [038] * auth'd git request returned 404, retrying without auth
  proxy | 2023/11/19 05:01:26 [038] * de-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [038] WARN: Cannot write TLS response body from mitm'd client: write tcp 192.168.1.1:1080->192.168.1.2:42798: write: connection reset by peer
  proxy | 2023/11/19 05:01:26 [040] GET https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:26 [040] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:26 [040] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:26 [040] Remote response: Write access to repository not granted.
  proxy | 2023/11/19 05:01:26 [040] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:26 [040] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [042] GET https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:26 [042] * authenticating git server request (host: github.com)
  proxy | 2023/11/19 05:01:26 [042] 404 https://github.com:443/robmonte-org/private-repo-2
  proxy | 2023/11/19 05:01:26 [042] * auth'd git request failed authentication, retrying with alternate provided auth
  proxy | 2023/11/19 05:01:26 [042] * re-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [042] * auth'd git request returned 404, retrying without auth
  proxy | 2023/11/19 05:01:26 [042] * de-auth'd request returned 404, ignoring response
  proxy | 2023/11/19 05:01:26 [042] WARN: Cannot write TLS response body from mitm'd client: write tcp 192.168.1.1:1080->192.168.1.2:42818: write: connection reset by peer
updater | 2023/11/19 05:01:26 INFO Handled error whilst updating github.com/robmonte-org/private-repo-2: git_dependencies_not_reachable {:"dependency-urls"=>["github.com/robmonte-org/private-repo-2"]}
updater | 2023/11/19 05:01:26 INFO Finished job processing
updater | 2023/11/19 05:01:26 INFO Results:
updater | Dependabot encountered '2' error(s) during execution, please check the logs for more details.
updater | +-------------------------------------------------------------------------+
updater | |                      Dependencies failed to update                      |
updater | +------------------------------------------------+------------------------+
updater | | github.com/robmonte-org/private-repo-1 | git_dependencies_not_reachable |
updater | | github.com/robmonte-org/private-repo-2 | git_dependencies_not_reachable |
updater | +------------------------------------------------+------------------------+
```

Smallest manifest that reproduces the issue

No response

justinmchase commented 4 months ago

Or at the very least create an issue automatically which indicates what's going wrong. A lack of a PR is a hard way to detect that the whole thing is failing.
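
An added example, not part of the issue thread or of dependabot-core: a small triage script for the log format quoted in the issue, relevant both to the report and to the comment about detecting the failure. It separates the repositories named in `dependency-urls` (the ones the token cannot reach) from dependencies whose update failed only as a side effect, and attaches the HTTP statuses the proxy logged for each. The function names are illustrative, and the sample lines are excerpted from the log in the issue.

```python
import re
from collections import defaultdict

# Lines excerpted from the update log quoted in the issue above.
SAMPLE_LOG = """\
  proxy | 2023/11/19 05:01:24 [017] 200 https://github.com:443/robmonte-org/private-repo-1/git-upload-pack
  proxy | 2023/11/19 05:01:25 [030] 403 https://github.com:443/robmonte-org/private-repo-2/info/refs?service=git-upload-pack
  proxy | 2023/11/19 05:01:25 [032] 404 https://github.com:443/robmonte-org/private-repo-2
updater | 2023/11/19 05:01:25 INFO Handled error whilst updating github.com/robmonte-org/private-repo-1: git_dependencies_not_reachable {:"dependency-urls"=>["github.com/robmonte-org/private-repo-2"]}
updater | 2023/11/19 05:01:26 INFO Handled error whilst updating github.com/robmonte-org/private-repo-2: git_dependencies_not_reachable {:"dependency-urls"=>["github.com/robmonte-org/private-repo-2"]}
"""

# "Handled error whilst updating <dep>: git_dependencies_not_reachable {...}"
FAILURE_RE = re.compile(
    r'Handled error whilst updating (\S+): git_dependencies_not_reachable '
    r'\{:"dependency-urls"=>\[(.*?)\]\}')
# Proxy response lines: "[NNN] <status> https://host[:port]/owner/repo..."
STATUS_RE = re.compile(
    r'proxy \| \S+ \S+ \[\d+\] (\d{3}) '
    r'https://([^/:\s]+)(?::\d+)?/([^/\s]+)/([^/\s?]+)')


def parse_failures(log):
    """Map each dependency whose update failed to the URLs reported unreachable."""
    failures = {}
    for dep, urls in FAILURE_RE.findall(log):
        failures[dep] = re.findall(r'"([^"]+)"', urls)
    return failures


def proxy_statuses(log):
    """Map host/owner/repo to the set of HTTP statuses the proxy logged for it."""
    seen = defaultdict(set)
    for status, host, owner, repo in STATUS_RE.findall(log):
        seen[f"{host}/{owner}/{repo}"].add(int(status))
    return seen


def triage(log):
    """Split failed dependencies into unreachable repos and collateral failures."""
    failures, statuses = parse_failures(log), proxy_statuses(log)
    unreachable = {url for urls in failures.values() for url in urls}
    return {
        # Repositories the credentials could not read.
        "unreachable": {u: sorted(statuses[u]) for u in sorted(unreachable)},
        # Dependencies blamed in the results table although they were fetched.
        "collateral": {d: sorted(statuses[d])
                       for d in sorted(failures) if d not in unreachable},
    }


if __name__ == "__main__":
    for kind, repos in triage(SAMPLE_LOG).items():
        for repo, codes in repos.items():
            print(f"{kind}: {repo} (proxy statuses: {codes})")
```

A non-empty `unreachable` set is a signal to review the token's repository access; the `collateral` entries are the ones the results table lists as failed even though the proxy fetched them successfully.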