Closed bm-fez closed 2 months ago
@bm-fez support for directories
is a relatively new change and isn't supported in the default "update_script" shown in your logs.
You can use directories by switching to "update_script_vnext". Enable it by checking the "Use latest update script (vNext)" checkbox under "Advanced" in the task options, or using useUpdateScriptvNext: true
if using YML pipelines.
More info about the vNext script and the new features it supports can be found in https://github.com/tinglesoftware/dependabot-azure-devops/pull/1186.
Thanks the useUpdateScriptvNext: true
parameter unblocked us.
Describe the bug We are trying to use the following
dependabot.yml
file with thedirectories
We can see from the logs that this results in the expected docker run command line
However the logs show the analysis is being done of the default directory
It appears the
DEPENDABOT_DIRECTORIES
is not being honouredWe have also tried (using a locally hosted docker container
DEPENDABOT_DIRECTORIES=["/api"]
- same resultDEPENDABOT_DIRECTORIES=["**/*"]
- docs say globstar format sold be accessed, but same resultDIRECTORY=**/*
- does not work as DIRECTORY does not accept wildcardDIRECTORY=/api
- If we swap to using a singledirectory
entry, for either two listed directories, analysis works as expectedI have no Ruby skills (hence I have not attempted to submit a PR), but unless I missed it I don't think the
directories
array is passed into the update_script code.Categorization
To Reproduce Attempt to use the
directories
as opposed to thedirectory
Expected behavior Should be able to do analysis of multiple listed directories, or ones specified with Globstar syntax
Extension (please complete the following information):
Server (please complete the following information):