Skip to content

ci(dependabot): drop the broken swift ecosystem#42

Merged
BlackHole1 merged 1 commit into
mainfrom
ci/drop-swift-dependabot
Jun 29, 2026
Merged

ci(dependabot): drop the broken swift ecosystem#42
BlackHole1 merged 1 commit into
mainfrom
ci/drop-swift-dependabot

Conversation

@BlackHole1

Copy link
Copy Markdown
Member

The swift package-ecosystem entry has failed on every daily run since it was added in #32, and never once opened a PR — see the latest failure in run 28232164874.

The cause is an architecture mismatch. Dependabot's Swift updater only reads SPM manifests committed to the git tree — a Package.swift plus its Package.resolved lockfile — but this repo has neither: *.xcodeproj and Package.resolved are both gitignored, and the SPM dependencies (Sparkle, KeyboardShortcuts, PermissionFlow) are declared only in xcodegen's project.yml, which Dependabot can't parse. So the scan finds nothing and aborts with dependency_file_not_found: "No files found in /". The config comment claiming Dependabot would discover a nested Package.resolved inside the .xcodeproj was wrong — that path is gitignored and never committed.

Removing the entry costs nothing real: the build commits no lockfile and resolves each package to the latest version within its major on every CI run, so the Swift updater had no pins to bump even in principle. The github-actions ecosystem is untouched and keeps working (it landed #33).

The `swift` package-ecosystem failed on every daily run since it was
added (#32) and never opened a single PR. Dependabot's Swift updater
only reads SPM manifests committed to the git tree (`Package.swift` plus
the `Package.resolved` lockfile), but this repo has none: `*.xcodeproj`
and `Package.resolved` are both gitignored, and the SPM dependencies are
declared only in xcodegen's `project.yml`, which Dependabot cannot
parse. So the scan finds nothing and aborts with
`dependency_file_not_found: "No files found in /"`.

Nothing is lost by removing it: the build commits no lockfile and
resolves each package to the latest version within its major on every
CI run, so the Swift updater had no pins to bump even in principle.
The github-actions ecosystem is unaffected and keeps working.

Signed-off-by: Kevin Cui <bh@bugs.cc>
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: b851b2dc-65f2-4a70-ba1a-f69a7d938d3f

📥 Commits

Reviewing files that changed from the base of the PR and between 60c6938 and f151456.

📒 Files selected for processing (1)
  • .github/dependabot.yml

Summary by CodeRabbit

  • Chores
    • Updated automated dependency update settings for GitHub Actions.
    • Removed the separate Swift package update configuration, leaving only GitHub Actions coverage.

Walkthrough

The .github/dependabot.yml file is updated by removing the Swift Package Manager (package-ecosystem: "swift") dependency update configuration block, which included its schedule, cooldown, grouping, and build commit-message prefix with scope. The top-level comment is reworded to describe only the GitHub Actions update configuration that remains.

Possibly related PRs

  • oomol-lab/LockIME#32: Originally introduced both the GitHub Actions and Swift Package Manager Dependabot configuration blocks in .github/dependabot.yml that this PR partially reverts.
🚥 Pre-merge checks | ✅ 4
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title follows the required type(scope): subject format and accurately describes the Dependabot Swift removal.
Description check ✅ Passed The description directly explains why the Swift Dependabot entry is being removed and matches the change set.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
✨ Simplify code
  • Create PR with simplified code
  • Commit simplified code in branch ci/drop-swift-dependabot

Comment @coderabbitai help to get the list of available commands.

@BlackHole1 BlackHole1 merged commit f060886 into main Jun 29, 2026
3 checks passed
@BlackHole1 BlackHole1 deleted the ci/drop-swift-dependabot branch June 29, 2026 09:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant