-
Notifications
You must be signed in to change notification settings - Fork 938
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
grouped security updates: use the group if one is defined #8742
grouped security updates: use the group if one is defined #8742
Conversation
Almost good to go, but the devcontainers smoke test is trying to tell me something is wrong. |
Some of the new tests I just merged in are failing, so taking it back to draft. |
I deployed this PR and saw exceptions where a grouped security update with 1 dependency wasn't getting picked up by the GroupUpdateAllVersions operation. So in 06673bf I swapped the check for an implicit group to be if This will all be cleaned up once the API sends groups! 😓 |
Redeployed and it looks good! |
Previously we assumed that a grouped security update would just group all of the dependencies passed in the job.
This PR will cause grouped security updates to use the one defined in the job instead.
We can't merge this until the service starts sending groups for these types of jobs.I've updated this to fallback to the old behavior, so it should be mergeable now.