New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Closing .NET PRs as "no longer needed" when dependency is still present and out-of-date #9612
Comments
Here's another, on a public repo, after rebasing a PR, which left the dependency out of date: Particular/TimeoutMigrationTool: Bump System.IdentityModel.Tokens.Jwt from 7.3.0 to 7.5.1 after a In the Dependabot log I do see an error:
Is it possible that the updater continues after this error thinking there are no dependencies? |
Note that we do have this in our Directory.Build.props, which is distributed organization-wide:
Could this be the source of the item already added to dictionary exception? Because this is completely valid in MSBuild and required to support projects that are configured with central package management as well as those that are not. |
Looks like the same exception and stack trace in #9495. |
|
@DavidBoike Thank you for calling my attention to this. I was doing a lightning triage this morning and skipped right past your PR. I've approved it and I'm working on finding somebody with merge permissions to finish it out. |
Is there an existing issue for this?
Package ecosystem
.NET
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
https://github.com/Particular/ServiceControl/blob/master/src/Directory.Packages.props#L17
dependabot.yml content
https://github.com/Particular/ServiceControl/blob/master/.github/dependabot.yml
Updated dependency
Microsoft.AspNetCore.Mvc.Testing from 8.0.3 to 8.0.4
What you expected to see, versus what you actually saw
Dependabot PR was approved, and auto-merge was enabled. Instead of merging, Dependabot left the comment:
Except it's definitely still used. A code search of the repo shows the version defined in https://github.com/Particular/ServiceControl/blob/da452ea82a2cf6aca420d73029c7861cc009c764/src/Directory.Packages.props#L17 as 8.0.3 and the package being referenced in several projects in the solution, while the actual current version of the package on NuGet is 8.0.4.
Native package manager behavior
N/A
Images of the diff or a link to the PR, issue, or logs
Particular/ServiceControl#4066
Smallest manifest that reproduces the issue
Not sure, but we have only seen this in:
The text was updated successfully, but these errors were encountered: