GH-integrated Dependabot uses the wrong branch #11710
Replies: 2 comments 1 reply
-
This morning Dependabot again created a PR for the There's no mention of this Dependabot run in the logs (last one is reported 5 days ago), so not sure why this keeps happening... |
Beta Was this translation helpful? Give feedback.
-
From what I'm reading at github/docs#12455:
Are the PRs you're seeing against main security updates? If so that appears to be the expected behavior. |
Beta Was this translation helpful? Give feedback.
-
Hi there, we're using the GitHub-integrated dependabot excessively in our GitHub repositories and it works pretty well. We've also created a simple PowerShell script triggered by a GitHub Actions workflow to auto-generate the
dependabot.yml
(see Automated dependabot configuration in GitHub for more).What we're observing from time to time is that dependabot is using the wrong target branch. Here for example the most recent one:
Dependabot is creating a PR against
main
. But the configuration says it should do it againstcomponent-updates
.The log under
Insights
->Dependency graph
does not give us any indicators what went wrong, and it says it was executed "3 days ago". The PR though was raised 32 minutes ago. Are there any other log files available helping us to understand the behavior of the GitHub-integrated dependabot? Any advice would be appreciated!CC: @msimecek
Beta Was this translation helpful? Give feedback.
All reactions