dependabot / dependabot-core

🤖 Dependabot's core logic for creating update PRs.
https://docs.github.com/en/code-security/dependabot
MIT License

Errors when updating dependency graphs #9369

Open roygronmo opened 6 months ago

roygronmo commented 6 months ago

Is there an existing issue for this?

Package ecosystem

Maven central and github packages

Package manager version

No response

Language version

Java v.21

Manifest location and content before the Dependabot update

No response

dependabot.yml content

No response

Updated dependency

No response

What you expected to see, versus what you actually saw

https://github.com/nrkno/lydbanken/network/updates/10637275/jobs fails to update due to errors.

However, our gradle build on master works fine.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

No response

roygronmo commented 6 months ago

Error dump:

updater | 2024/03/26 06:04:11 ERROR Error processing commons-io:commons-io (NoMethodError)
updater | 2024/03/26 06:04:11 ERROR undefined method `content' for nil:NilClass
updater |
updater | original_content = buildfile.content.dup
updater |                              ^^^^^^^^
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:116:in `update_version_in_buildfile'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:74:in `block in update_buildfiles_for_dependency'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:62:in `each'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:62:in `update_buildfiles_for_dependency'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:28:in `block in updated_dependency_files'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:27:in `each'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/gradle/lib/dependabot/gradle/file_updater.rb:27:in `updated_dependency_files'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/dependency_change_builder.rb:135:in `generate_dependency_files'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/dependency_change_builder.rb:68:in `run'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/dependency_change_builder.rb:42:in `create_from'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/updater/operations/update_all_versions.rb:132:in `check_and_create_pull_request'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/lib/dependabot/updater/operations/update_all_versions.rb:64:in `check_and_create_pr_with_error_handling'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/updater/operations/update_all_versions.rb:39:in `block in perform'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/lib/dependabot/updater/operations/update_all_versions.rb:39:in `each'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/updater/operations/update_all_versions.rb:39:in `perform'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/lib/dependabot/updater.rb:45:in `run'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:44:in `block in perform_job'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `block in in_span'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `block in with_span'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/context.rb:87:in `with_value'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `with_span'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `in_span'
updater | 2024/03/26 06:04:11 ERROR /home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:18:in `perform_job'
updater | 2024/03/26 06:04:11 ERROR <job_805416291> /home/dependabot/dependabot-updater/lib/dependabot/base_command.rb:37:in `run'
updater | 2024/03/26 06:04:11 ERROR bin/update_files.rb:33:in `<main>'

haraldk commented 3 months ago

For what it's worth, I believe the issue is that our project (the same as mentioned by @roygronmo above) uses Git submodules in a somewhat odd way.

Dependencies are kept in a separate submodule, then included in the current project via Gradle apply from statements, to keep equal versions of common dependencies across multiple projects (i.e. an alternative to a BOM or other versioned artifact with versioned dependencies).

File structure is similar to this:

common-dependencies (git repo):

dependencies-foo.gradle       # let's pretend this includes the commons-io:commons-io dependency above
dependencies-bar.gradle

product (git repo):

build-dependencies                 #  git submodule ->  common-dependencies
build.gradle

The build.gradle then contains:

apply from: 'dependencies-foo.gradle'

// ...

dependencies {
    implementation project.libraries.commons_io
    // ...
}

I believe that this causes Dependabot to try to create a PR updating the commons-io dependency in the product repo, but as the dependencies-foo.gradle file isn't part of that repo, the update fails.
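
A pre-flight check for the layout described in this comment, as an added example that is not part of the thread or of Dependabot's code: it reads `.gitmodules` and `build.gradle` and reports which `apply from:` targets sit inside a git submodule, meaning their versions have to be updated in the repository that owns them. The sample file contents are constructed, and the `apply from:` path is assumed to include the submodule directory (`build-dependencies/`).

```ruby
# Added example, not Dependabot code: classify Gradle `apply from:` targets
# by whether the parent repo or a git submodule owns the referenced script.
require "pathname"

# Paths declared as submodules in the text of a .gitmodules file.
def submodule_paths(gitmodules_text)
  gitmodules_text.scan(/^\s*path\s*=\s*(.+?)\s*$/).flatten
end

# String-literal `apply from:` targets; interpolated ones are skipped.
def apply_from_targets(build_gradle_text)
  build_gradle_text.scan(/^\s*apply\s+from:\s*['"]([^'"$]+)['"]/).flatten
end

# tracked_files: repo-relative paths the parent repo itself tracks.
def classify_targets(build_gradle_text, gitmodules_text, tracked_files, build_dir: ".")
  subs = submodule_paths(gitmodules_text).map { |p| Pathname.new(p).cleanpath.to_s }
  apply_from_targets(build_gradle_text).to_h do |target|
    path = Pathname.new(build_dir).join(target).cleanpath.to_s
    status =
      if subs.any? { |s| path == s || path.start_with?("#{s}/") }
        :in_submodule # versions are declared in another repository
      elsif tracked_files.include?(path)
        :in_repo
      else
        :missing # neither tracked here nor inside a known submodule
      end
    [target, status]
  end
end

# Constructed sample input modelled on the layout described in the comment.
SAMPLE_GITMODULES = <<~GITMODULES
  [submodule "build-dependencies"]
      path = build-dependencies
      url = https://example.invalid/common-dependencies.git
GITMODULES

SAMPLE_BUILD_GRADLE = <<~GRADLE
  apply from: 'build-dependencies/dependencies-foo.gradle'
  apply from: "gradle/publishing.gradle"
  apply from: 'gradle/not-there.gradle'
GRADLE

SAMPLE_TRACKED = ["build.gradle", "gradle/publishing.gradle"].freeze

if __FILE__ == $PROGRAM_NAME
  classify_targets(SAMPLE_BUILD_GRADLE, SAMPLE_GITMODULES, SAMPLE_TRACKED)
    .each { |target, status| puts "#{status}\t#{target}" }
end
```

Scripts reported as `:in_submodule` are outside the scope of an update job that runs against the parent repository, so the shared dependency repository needs its own update configuration.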