-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependency ecosystems not correctly detected #29
Labels
bug
Something isn't working
keep
do not mark as stale
ready-for-work
Issue is defined enough to begin implementation
Comments
zkoppert
added
bug
Something isn't working
ready-for-work
Issue is defined enough to begin implementation
labels
Jan 29, 2024
This issue is stale because it has been open 21 days with no activity. Remove stale label or comment or this will be closed in 14 days. |
For this maybe its better to temporarily clone the repository and do file search for project files? I feel like rate limits would be spent quickly otherwise. |
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
bug
Something isn't working
keep
do not mark as stale
ready-for-work
Issue is defined enough to begin implementation
The logic to detect whether to configure package updates for most ecosystems, except for GitHub Actions and Terraform only appears to consider files in the root of the repository.
I found this after testing the action out on a .NET repository where the
.csproj
files are in subdirectories within the repository. The action generated adependabot.yml
file that only specified GitHub Actions updates.Each file tested for should recurse through the repository to try and files (maybe within a configurable depth limit to reduce impact on rate limits) so that the generated file is a more accurate reflection of what should be configured.
The text was updated successfully, but these errors were encountered: