Grouped update PR includes no details about upgrades (part 2)

[edmorley]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

Bundler

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

https://github.com/heroku/cheverny/blob/cd5532e9d949522d3dfd317b363987271fd8a8c1/Gemfile
https://github.com/heroku/cheverny/blob/cd5532e9d949522d3dfd317b363987271fd8a8c1/Gemfile.lock

dependabot.yml content

version: 2
registries:
  ruby-REDACTED:
    type: "rubygems-server"
    url: REDACTED
    username: "${{secrets.REDACTED}}"
    password: ""
updates:
  - package-ecosystem: "bundler"
    directory: "/"
    vendor: true
    registries:
      - ruby-REDACTED
    schedule:
      interval: "monthly"
    groups:
      ruby-dependencies:
        update-types:
          - "minor"
          - "patch"

Updated dependency

No response

What you expected to see, versus what you actually saw

The Dependabot grouped PR's description does not include any information about the packages updated by the PR:
https://github.com/heroku/cheverny/pull/375

This is a regression that started about 3 weeks ago.

The fix in #9457 (comment) didn't seem to help, though there is now a stacetrace.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

https://github.com/heroku/cheverny/network/updates/818141343

updater | 2024/04/22 19:10:22 INFO <job_818141343> Creating a new pull request for 'ruby-dependencies'
  proxy | 2024/04/22 19:10:22 [685] GET https://api.github.com:443/repos/heroku/cheverny/commits?per_page=100
  proxy | 2024/04/22 19:10:22 [685] * authenticating github api request with token for api.github.com
  proxy | 2024/04/22 19:10:22 [685] 200 https://api.github.com:443/repos/heroku/cheverny/commits?per_page=100
  proxy | 2024/04/22 19:10:23 [687] GET https://rubygems.org:443/api/v1/gems/aws-sdk-s3.json
  proxy | 2024/04/22 19:10:23 [687] 200 https://rubygems.org:443/api/v1/gems/aws-sdk-s3.json
  proxy | 2024/04/22 19:10:23 [689] GET https://rubygems.org:443/api/v1/gems/excon.json
  proxy | 2024/04/22 19:10:23 [689] 200 https://rubygems.org:443/api/v1/gems/excon.json
  proxy | 2024/04/22 19:10:23 [691] GET https://rubygems.org:443/api/v1/gems/pg.json
  proxy | 2024/04/22 19:10:23 [691] 200 https://rubygems.org:443/api/v1/gems/pg.json
  proxy | 2024/04/22 19:10:23 [693] GET https://rubygems.org:443/api/v1/gems/rake.json
  proxy | 2024/04/22 19:10:23 [693] 200 https://rubygems.org:443/api/v1/gems/rake.json
  proxy | 2024/04/22 19:10:23 [695] GET https://rubygems.org:443/api/v1/gems/sequel.json
  proxy | 2024/04/22 19:10:23 [695] 200 https://rubygems.org:443/api/v1/gems/sequel.json
  proxy | 2024/04/22 19:10:23 [697] GET https://rubygems.org:443/api/v1/gems/rubocop.json
  proxy | 2024/04/22 19:10:23 [697] 200 https://rubygems.org:443/api/v1/gems/rubocop.json
  proxy | 2024/04/22 19:10:23 [699] GET https://rubygems.org:443/api/v1/gems/rubocop-rspec.json
  proxy | 2024/04/22 19:10:23 [699] 200 https://rubygems.org:443/api/v1/gems/rubocop-rspec.json
  proxy | 2024/04/22 19:10:23 [701] GET https://api.github.com:443/repos/aws/aws-sdk-ruby/releases?per_page=100
  proxy | 2024/04/22 19:10:23 [701] * authenticating github api request with token for api.github.com
  proxy | 2024/04/22 19:10:24 [701] 200 https://api.github.com:443/repos/aws/aws-sdk-ruby/releases?per_page=100
  proxy | 2024/04/22 19:10:24 [703] GET https://api.github.com:443/repos/aws/aws-sdk-ruby/contents/gems/aws-sdk-s3?ref=version-3
  proxy | 2024/04/22 19:10:24 [703] * authenticating github api request with token for api.github.com
  proxy | 2024/04/22 19:10:25 [703] 200 https://api.github.com:443/repos/aws/aws-sdk-ruby/contents/gems/aws-sdk-s3?ref=version-3
updater | 2024/04/22 19:10:25 ERROR <job_818141343> Error while generating PR message: no implicit conversion of Symbol into Integer
updater | 2024/04/22 19:10:25 ERROR <job_818141343> /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:134:in `changelog_from_suggested_url'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:96:in `changelog'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:63:in `changelog_url'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/metadata_finders/base.rb:63:in `changelog_url'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /usr/local/lib/ruby/3.1.0/forwardable.rb:238:in `changelog_url'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:110:in `changelog_cascade'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:65:in `to_s'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:723:in `metadata_cascades_for_dep'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:709:in `block in metadata_cascades'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:694:in `map'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:694:in `metadata_cascades'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:124:in `pr_message'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:175:in `message'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/_methods.rb:272:in `block in _on_method_added'
updater | /home/dependabot/dependabot-updater/lib/dependabot/dependency_change.rb:76:in `pr_message'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `bind_call'
updater | /home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11193/lib/types/private/methods/call_validation.rb:272:in `validate_call'
...

Smallest manifest that reproduces the issue

No response

[jakecoffman]

This appears to be caused by #9429. The ChangelogFinder is querying https://api.github.com:443/repos/aws/aws-sdk-ruby/contents/gems/aws-sdk-s3?ref=version-3 which returns an array, so tmp_files[:name] raises no implicit conversion of Symbol into Integer.

dependabot-core/common/lib/dependabot/metadata_finders/base/changelog_finder.rb

Lines 132 to 136 in 005dd73

	# If the suggested source points to a specific directory
	# then we will receive a hash for just the changelog file
	if suggested_source&.directory && tmp_files[:name] == filename
	return @changelog_from_suggested_url = tmp_files
	end

@Nishnha suggestions on how to fix it?

[bmulholland]

Same thing for us:

updater | 2024/04/23 10:11:58 ERROR <job_818660195> Error while generating PR message: no implicit conversion of Symbol into Integer
updater | 2024/04/23 10:11:58 ERROR <job_818660195> /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:134:in `changelog_from_suggested_url'

I guess this would be triggered for any grouped updates for ruby repos that use AWS? Maybe any dependabot upgrades for those repos?

[Nishnha]

Thanks for tagging me. The tmp_files object is of type Sawyer::Resource so we should be able to check if the :name key is present before accessing it with https://www.rubydoc.info/gems/sawyer/0.5.2/Sawyer%2FResource:key%3F

If we want to make this even more robust we could ask what the tmp_files.responds_to? to determine if it should be treated as a Hash or Array.

[broksonic21]

Ran into this as well: (w/ Dependabot on Github Actions)

proxy | 2024/04/24 13:16:50 [811] GET [https://rubygems.org:443/api/v1/gems/yajl-ruby.json](https://rubygems.org/api/v1/gems/yajl-ruby.json)
  proxy | 2024/04/24 13:16:50 [811] 200 [https://rubygems.org:443/api/v1/gems/yajl-ruby.json](https://rubygems.org/api/v1/gems/yajl-ruby.json)
  proxy | 2024/04/24 13:16:50 [813] GET [https://api.github.com:443/repos/rails/rails/releases?per_page=100](https://api.github.com/repos/rails/rails/releases?per_page=100)
  proxy | 2024/04/24 13:16:50 [813] * authenticating github api request with token for api.github.com
  proxy | 2024/04/24 13:16:51 [813] 200 [https://api.github.com:443/repos/rails/rails/releases?per_page=100](https://api.github.com/repos/rails/rails/releases?per_page=100)
  proxy | 2024/04/24 13:16:51 [815] GET [https://api.github.com:443/repos/rails/rails/contents/activesupport?ref=v7.1.3.2](https://api.github.com/repos/rails/rails/contents/activesupport?ref=v7.1.3.2)
2024/04/24 13:16:51 [815] * authenticating github api request with token for api.github.com
  proxy | 2024/04/24 13:16:51 [815] 200 [https://api.github.com:443/repos/rails/rails/contents/activesupport?ref=v7.1.3.2](https://api.github.com/repos/rails/rails/contents/activesupport?ref=v7.1.3.2)
updater | 2024/04/24 13:16:51 ERROR <job_819254365> Error while generating PR message: no implicit conversion of Symbol into Integer
updater | 2024/04/24 13:16:51 ERROR <job_819254365> /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:134:in `changelog_from_suggested_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:96:in `changelog'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:63:in `changelog_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/metadata_finders/base.rb:63:in `changelog_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.[1135](https://github.com/guideline-platform/test_runner/actions/runs/8817162518/job/24202892835#step:3:1137)3/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/usr/local/lib/ruby/3.1.0/forwardable.rb:238:in `changelog_url'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:110:in `changelog_cascade'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder/metadata_presenter.rb:65:in `to_s'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:723:in `metadata_cascades_for_dep'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:709:in `block in metadata_cascades'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:694:in `map'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:694:in `metadata_cascades'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:124:in `pr_message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:175:in `message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/dependency_change.rb:76:in `pr_message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:292:in `create_pull_request_data'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:40:in `block in create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `block in in_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `block in with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/context.rb:87:in `with_value'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `in_span'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:34:in `create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/service.rb:54:in `create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/create_group_update_pull_request.rb:47:in `perform'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:127:in `run_update_for'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:109:in `block in run_grouped_dependency_updates'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:108:in `each'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:108:in `run_grouped_dependency_updates'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:55:in `perform'
/home/dependabot/dependabot-updater/lib/dependabot/updater.rb:45:in `run'
/home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:44:in `block in perform_job'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `block in in_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `block in with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/context.rb:87:in `with_value'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `in_span'
/home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:18:in `perform_job'
/home/dependabot/dependabot-updater/lib/dependabot/base_command.rb:37:in `run'
bin/update_files.rb:44:in `<main>'
  proxy | 2024/04/24 13:16:51 [817] GET https://api.github.com:443/repos/rails/rails/contents/activesupport?ref=v7.1.3.2
2024/04/24 13:16:51 [817] 200 [https://api.github.com:443/repos/rails/rails/contents/activesupport?ref=v7.1.3.2](https://api.github.com/repos/rails/rails/contents/activesupport?ref=v7.1.3.2)
updater | 2024/04/24 13:16:51 ERROR <job_819254365> Error while generating commit message: no implicit conversion of Symbol into Integer
updater | 2024/04/24 13:16:51 ERROR <job_819254365> /home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:134:in `changelog_from_suggested_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
/home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:96:in `changelog'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:393:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:393:in `block in create_validator_method_skip_return_fast0'
/home/dependabot/common/lib/dependabot/metadata_finders/base/changelog_finder.rb:63:in `changelog_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
/home/dependabot/common/lib/dependabot/metadata_finders/base.rb:63:in `changelog_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation_2_7.rb:919:in `block in create_validator_method_medium0'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:772:in `changelog_url'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:663:in `metadata_links_for_dep'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:654:in `block in metadata_links'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:647:in `map'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:647:in `metadata_links'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:161:in `commit_message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/common/lib/dependabot/pull_request_creator/message_builder.rb:176:in `message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/dependency_change.rb:76:in `pr_message'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:292:in `create_pull_request_data'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:40:in `block in create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `block in in_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `block in with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/context.rb:87:in `with_value'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `in_span'
/home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:34:in `create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/service.rb:54:in `create_pull_request'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `bind_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/call_validation.rb:270:in `validate_call'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/sorbet-runtime-0.5.11353/lib/types/private/methods/_methods.rb:277:in `block in _on_method_added'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/create_group_update_pull_request.rb:47:in `perform'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:127:in `run_update_for'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:109:in `block in run_grouped_dependency_updates'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:108:in `each'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:108:in `run_grouped_dependency_updates'
/home/dependabot/dependabot-updater/lib/dependabot/updater/operations/group_update_all_versions.rb:55:in `perform'
/home/dependabot/dependabot-updater/lib/dependabot/updater.rb:45:in `run'
/home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:44:in `block in perform_job'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `block in in_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `block in with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/context.rb:87:in `with_value'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace.rb:70:in `with_span'
/home/dependabot/dependabot-updater/vendor/ruby/3.1.0/gems/opentelemetry-api-1.2.3/lib/opentelemetry/trace/tracer.rb:37:in `in_span'
/home/dependabot/dependabot-updater/lib/dependabot/update_files_command.rb:18:in `perform_job'
/home/dependabot/dependabot-updater/lib/dependabot/base_command.rb:37:in `run'
bin/update_files.rb:44:in `<main>'
  proxy | 2024/04/24 13:16:51 [819] POST /update_jobs/819254365/create_pull_request
  proxy | 2024/04/24 13:16:52 [819] 204 /update_jobs/819254365/create_pull_request

[jakecoffman]

Should be fixed now, let me know if you're still having an issue with new PRs.

[edmorley]

@jakecoffman Thank you for the update. I retriggered Dependabot, causing it to perform a rebase operation on the existing grouped update PR, however, the PR description was not fixed? (Dependabot made edits to the description, but only to add/remove the ~"rebase pending" banner). I also tried using @dependabot recreate but that didn't help either.

https://github.com/heroku/cheverny/network/updates/819371876 (full run retrigger via dashboard)
https://github.com/heroku/cheverny/network/updates/819373314 (from the @dependabot recreate)
https://github.com/heroku/cheverny/pull/375

Is it expected that existing PRs won't get fixed? I'm curious why @dependabot recreate preserves any state at all? Ideally it would be stateless and therefore allow cases like this to self-resolve? (Plus the same for some of the other bugs we had around grouped updates, where existing PRs had to be closed since they wouldn't fix themselves automatically.)

[jakecoffman]

Yes only new PRs will get new PR bodies, updating a PR only sends this data:

dependabot-core/updater/lib/dependabot/api_client.rb

Lines 65 to 67 in b7f14e3

	"dependency-names": dependency_change.updated_dependencies.map(&:name),
	"updated-dependency-files": dependency_change.updated_dependency_files_hash,
	"base-commit-sha": base_commit_sha

The idea being if the dependencies haven't significantly changed the body still is correct. Otherwise it will close and open a new one:

dependabot-core/updater/lib/dependabot/updater/group_update_refreshing.rb

Lines 32 to 35 in b759529

	Dependabot.logger.info("Dependencies have changed, closing existing Pull Request")
	close_pull_request(reason: :dependencies_changed, group: group)
	Dependabot.logger.info("Creating a new pull request for '#{group.name}'")
	service.create_pull_request(dependency_change, dependency_snapshot.base_commit_sha)

The easiest thing you can do is close the grouped PR, it won't create any ignores for grouped PRs, then trigger another Dependabot run. It should create the PR again with metadata.

[edmorley]

The easiest thing you can do is close the grouped PR, it won't create any ignores for grouped PRs, then trigger another Dependabot run. It should create the PR again with metadata.

I tried that, but when Dependabot was retriggered (via the button on https://github.com/heroku/cheverny/network/updates/5428829/jobs), the resultant job summary says:

Version update 819398685
No PRs affected

However, opening the logs for that job I see:

updater | 2024/04/24 20:27:25 INFO <job_819398685> Finished job processing
updater | 2024/04/24 20:27:25 INFO Results:
updater | +------------------------------------------------------------------------------------------------------------------------------------+
updater | |                                                Changes to Dependabot Pull Requests                                                 |
updater | +---------+--------------------------------------------------------------------------------------------------------------------------+
updater | | created | aws-sdk-s3 ( from 1.143.0 to 1.147.0 ), excon ( from 0.109.0 to 0.110.0 ), pg ( from 1.5.5 to 1.5.6 ), rake ( from 13... |
updater | +---------+--------------------------------------------------------------------------------------------------------------------------+
updater | time="2024-04-24T20:27:25Z" level=info msg="task complete" container_id=job-819398685-updater exit_code=0 job_id=819398685 step=updater

(https://github.com/heroku/cheverny/network/updates/819398685)

...which suggests it thinks it did open a PR?

[abdulapopoola]

Re-opening this issue since we are still investigating

[jakecoffman]

@edmorley Sorry about that, I forgot the service checks to see if an identical PR already exists (one that has the same dependencies.) I'm seeing the error PR already exists: #375 in the logs which is why it's not putting up a new PR.

It doesn't look like there's a way to have Dependabot regenerate the metadata on an existing PR for cases like this.

[edmorley]

This seems resolved now, thank you.