grouped refresh causes dependency duplication

[jakecoffman]

We're still seeing duplication [...]

For example, this grouped PR includes the libcnb-data and libcnb-package packages:
heroku/languages-github-actions#152

...even though they are covered by this (earlier in the Dependabot config definition) group:
heroku/languages-github-actions#148

Our Dependabot config is here:
https://github.com/heroku/languages-github-actions/blob/main/.github/dependabot.yml

And I reported this originally here:
#7939

Which was then marked as a duplicate of #7915 (which this PR closed).

Originally posted by @edmorley in #8106 (comment)

[jakecoffman]

@edmorley Thanks for reporting that!

I forked the repo and Dependabot correctly created PRs with no duplication so it looks like #8106 was successful in that regard.

However once I ran the @dependabot recreate command on the rust-dependencies group PR it recreated and added back in the libcnb-data and libcnb-package dependencies.

I think I know what to do here, I'll try to get that fixed up today!

[jakecoffman]

@edmorley This is fixed now. Since the repo is in a weird state, I suggest commenting @dependabot recreate on heroku/languages-github-actions#152 which should close the PR and put a new one up without duplication.

[edmorley]

@jakecoffman That was fast, thank you!

Looking great now - the @dependabot recreate successfully closed the old PR with dupes, then I manually triggered a new Dependabot run which opened a new PR with no dupes :-)
heroku/languages-github-actions#156

[edmorley]

I am seeing some old/superseded PRs not being closed though - for which I've filed #8162.