-
Notifications
You must be signed in to change notification settings - Fork 934
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependabot doesn't pin to major version anymore with GitHub Actions #3704
Comments
Confirmed, see e.g. godotengine/godot-docs#4908. |
Some more examples of undesired/unexpected/incorrect version bumping: |
Maybe related to some changes in #3662? This was released two days ago though. |
A workaround would be to set |
@thepwagner Thanks for the fix! Any ETA? Just want to be sure before closing the PRs thanks! |
@crazy-max in QA now, should be live within a few hours (I'll ping here) |
Thanks for the quick fix! Once it’s live, will Dependabot close all the PRs automatically on the next check or do we have to close them manually? |
Sorry for the noise: the fix has been deployed to the GitHub version of Dependabot as
They won't be closed by the next check for any available updates: Dependabot will see no update available and move on. They will be closed if a rebase of a particular PR is requested, like: #3706 (comment) , in that case Dependabot sees the expected update is no longer possible and closes the PR. |
Added to a discussion at community/community#12303 |
Hi,
This morning I have a ton of PRs created by Dependabot although I have pinned to the major version and it does match the latest semver available so I think there's been a recent change in the last few hours that breaks this.
Here is a list of some repos:
Thanks!
The text was updated successfully, but these errors were encountered: