Migration to v2 of config files doesn't honour update schedule

[gnarea]

See relaycorp/awala-pong#85 for example. That repo uses live updates but the PR would change it to daily.

[feelepxyz]

@gnarea yeah we currently move live to daily when migrating because we don't support live schedules in the GitHub native version. We would like to support this eventually but will take some time to get this right.

[vbuberen]

Can confirm this issue, but for weekly schedule.
Dependabot Preview works just fine on my own fork of the library I support, while Github native version worked only once when I just added v2 config into the repo a few weeks ago.

Here is the config I use: https://github.com/ChuckerTeam/chucker/blob/develop/.github/dependabot.yml

Here is a list of PRs in the original repo: https://github.com/ChuckerTeam/chucker/pulls - no PRs from Dependabot last few weeks.
Here is a list of PRs for my fork: https://github.com/vbuberen/chucker/pulls, where Dependabot Preview created 2 PRs just yesterday.

[l0b0]

Any updates on this? This project has configured pip upgrades to be weekly to reduce the noise from some packages updating every day, but we're still getting new PRs every day.

[asciimike]

@l0b0 I'm seeing it as being configured to weekly on our side. It's possible that you're getting security updates or that runs previously errored and are being re-run and thus creating PRs "out of schedule". We've got some info in the docs about this: https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#scheduleinterval, https://docs.github.com/en/code-security/supply-chain-security/enabling-and-disabling-version-updates#about-version-updates-for-dependencies, though please let me know if this needs additional content.

I'm closing this issue since the original issue (live becomes daily) is WAI, and I'm tracking #3488, plus it looks like https://github.com/ChuckerTeam/chucker/pulls is getting Dependabot PRs again.