Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove source-list-map from package-lock.json #678

Merged
merged 1 commit into from
Jul 12, 2022
Merged

Remove source-list-map from package-lock.json #678

merged 1 commit into from
Jul 12, 2022

Conversation

tnir
Copy link
Collaborator

@tnir tnir commented Jul 12, 2022

Follows up #660

Signed-off-by: Takuya Noguchi takninnovationresearch@gmail.com

@tnir
Remove source-list-map from package-lock.json
bfa30db 
Signed-off-by: Takuya Noguchi <takninnovationresearch@gmail.com>
@deivid-rodriguez deivid-rodriguez temporarily deployed to bundler-site-tnir-follo-qevrty July 12, 2022 11:58 Inactive
@tnir tnir added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jul 12, 2022
deivid-rodriguez
deivid-rodriguez approved these changes Jul 12, 2022
View reviewed changes
Copy link
Member

@deivid-rodriguez deivid-rodriguez left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what happened there 🤷.

@deivid-rodriguez deivid-rodriguez merged commit e05414c into master Jul 12, 2022
@deivid-rodriguez deivid-rodriguez deleted the tnir-followup-660 branch July 12, 2022 12:07
@tnir
Copy link
Collaborator Author

tnir commented Jul 12, 2022

Might be a bug from GitHub Dependabot?

@deivid-rodriguez
Copy link
Member

Maybe, yeah.

@tnir
Copy link
Collaborator Author

tnir commented Jul 12, 2022

Just create a ticket from https://support.github.com/contact/bug-report:

Dependabot suggested inconsistent changes (npm)

What issue are you facing?

In #660, Dependabot suggested inconsistent changes (npm). We need to create a workaround manually at #678.

We would have had a PR from Dependabot including our changes (#678).

What are the steps to reproduce this?

  1. Fork https://github.com/rubygems/bundler-site/tree/cafe158170df9ea59836ad9ab4cf346520ee1002 as the default branch.
  2. Enable Dependatbot alert in the repository settings.
  3. Wait for a week or set frequent to "daily" and wait for a day.

Can you provide any logs? i.e. response headers, output

When we got ttps://github.com//pull/660, we got the following PRs at the same time:

@deivid-rodriguez
Copy link
Member

You might want to report it or look for existing similar issues at https://github.com/dependabot/dependabot-core.

@tnir
Copy link
Collaborator Author

tnir commented Jul 12, 2022

I did not know if @dependabot is still active 😀

It is the public issue tracker for issues related to Dependabot's updating logic. For issues about Dependabot the service, please contact GitHub support. While the distinction between Dependabot Core and the service can be fuzzy, a good rule of thumb is if your issue is with the diff that Dependabot created, it belongs here and for most other things the GitHub support team is best equipped to help you.
-- https://github.com/dependabot/dependabot-core/blob/88451b5aa1d967d2fc2a2fa6af34e4fd290ff1ea/README.md

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@deivid-rodriguez deivid-rodriguez deivid-rodriguez approved these changes

Assignees

@deivid-rodriguez deivid-rodriguez

Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@tnir @deivid-rodriguez