-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Grouped updates] Incorrect "Skipping <dependency> as it has already been handled by a previous group" #11093
Labels
L: github:actions
GitHub Actions
L: go:modules
Golang modules
L: rust:cargo
Rust crates via cargo
T: bug 🐞
Something isn't working
Comments
github-actions
bot
added
L: github:actions
GitHub Actions
L: go:modules
Golang modules
L: rust:cargo
Rust crates via cargo
labels
Dec 10, 2024
edmorley
added a commit
to heroku/buildpacks-python
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-python
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-ruby
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-procfile
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-php
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-go
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-dotnet
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-deb-packages
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-nodejs
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-jvm
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/languages-github-actions
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
This was referenced Dec 10, 2024
edmorley
added a commit
to heroku/buildpacks-procfile
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-go
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-deb-packages
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-nodejs
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-jvm
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/languages-github-actions
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-dotnet
that referenced
this issue
Dec 10, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
schneems
pushed a commit
to heroku/buildpacks-ruby
that referenced
this issue
Dec 11, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
edmorley
added a commit
to heroku/buildpacks-ruby
that referenced
this issue
Dec 11, 2024
To work around this Dependabot bug: dependabot/dependabot-core#11093
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
L: github:actions
GitHub Actions
L: go:modules
Golang modules
L: rust:cargo
Rust crates via cargo
T: bug 🐞
Something isn't working
Is there an existing issue for this?
Package ecosystem
Cargo
Package manager version
1.83
Language version
1.83
Manifest location and content before the Dependabot update
https://github.com/heroku/buildpacks-procfile/blob/7cded99455a9d57d998d1f986b7ad1252ae7f0d6/Cargo.toml
dependabot.yml content
https://github.com/heroku/buildpacks-procfile/blob/7cded99455a9d57d998d1f986b7ad1252ae7f0d6/.github/dependabot.yml
Updated dependency
No response
What you expected to see, versus what you actually saw
I expected Dependabot to open a grouped PR for the "libcnb" group, containing updates to three packages:
libcnb
,libcnb-test
andlibherokubuildpack
.Instead, no PR was opened, and in the Dependabot logs I see an incorrect message about the dependencies having been handled in a previous group:
(see https://github.com/heroku/buildpacks-procfile/actions/runs/12254836672/job/34186616891)
This is not the first time we've had strange behaviour around groups (eg PRs not opening when expected, or else one of the libcnb packages appearing in the fallback "rust-dependencies" group, rather than the "libcnb" group that's been defined for them).
IMO there is a race condition or similar here, which is meaning the "groups are applied in the order they are defined in the Dependabot config" rule is not applied consistently, for cases where the criteria for the groups are overlapping. (eg the Dependencies sometimes get associated with the wrong group)
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response
The text was updated successfully, but these errors were encountered: