Dependabot undo ignore minor version

[alexandru-calinoiu]

Hi,

I've accidentally ignored the wrong dependency, how can I unde this action?

[feelepxyz]

@alexandru-calinoiu sorry for the slow response! No easy way to undo but can sort it out for you. Which pull request did you issue the command on?

[villelahdenvuo]

@feelepxyz Is there still no way to unignore dependencies? I accidentally ignored all versions and not the major versions.

[feelepxyz]

@villelahdenvuo you should be able to re-open the pull request and this will remove any ignore conditions created for the updated dependency. I don't think it's documented anywhere 😅

[walro]

I don't think it's documented anywhere

As I just found out myself, at https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates#creating-ignore-conditions-from-dependabot-ignore it states:

If you wish to un-ignore a dependency ignored this way, re-open the pull request.

[wheeler]

It's really frustrating that this @ignore experience is not easy to manage. It states clearly that you can clear the ignore if you ... re-open this PR or update to a 5.x.x release yourself.. The latter seems to be the most logical resolution but in my experience it doesn't always work. Then you're stuck with the very unintuitive task of finding and reopening an old PR.

I'm stuck in a catch-22 now where the old PR cannot be reopened for an unrelated reason (root branch was renamed).

Additionally there is no easy way to "list" what ignores are currently active other than crawling through the detailed dependabot execution logs *sigh.