Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Dependabot not creating updates? (Which?) #2615

Closed
vorburger opened this issue Jul 11, 2024 · 9 comments
Closed

Dependabot not creating updates? (Which?) #2615

vorburger opened this issue Jul 11, 2024 · 9 comments
Assignees

Comments

@vorburger
Copy link
Member

@jingtang10 asked why, after #2598 was merged (when EXACTLY?) Dependabot does not generate PRs to upgrade some of the libraries that PR moved to the version catalog; let's look into and track that in this issue.

https://github.com/google/android-fhir/blob/master/.github/dependabot.yaml is currently configured to propose updates only once a week, on Mondays. Perhaps it just needs more time?

But e.g. on https://github.com/google/android-fhir/security/dependabot/70 it says: "Dependabot has taken too long to create an update. Dependabot may be experiencing problems creating updates for this project. If this problem persists, please contact support." and links to https://docs.github.com/en/code-security/dependabot/working-with-dependabot/troubleshooting-dependabot-errors

I'll click "Try again" on that UI to see if that helps...

@vorburger
Copy link
Member Author

I'll click "Try again" on that UI to see if that helps...

Doing this causes that UI to point me to #2602, which was closed without being merged (why?).

@vorburger
Copy link
Member Author

@jingtang10 which specific dependency from #2598 were you hoping to receive an automated Dependabot bump/upgrade PR for? Perhaps it's easier to debug this chasing a specific example.

@vorburger vorburger changed the title Dependabot has taken too long to create an update. Dependabot may be experiencing problems creating updates for this project. Dependabot not creating updates? (Which?) Jul 11, 2024
@jingtang10
Copy link
Collaborator

@jingtang10 which specific dependency from #2598 were you hoping to receive an automated Dependabot bump/upgrade PR for? Perhaps it's easier to debug this chasing a specific example.

android studio is giving a lot of suggestions in the version catalog that many libraries now have later versions but i'm not seeing dependabot creating prs.

@jingtang10
Copy link
Collaborator

Screenshot 2024-07-11 at 11 24 15

@vorburger
Copy link
Member Author

vorburger commented Jul 11, 2024

Interesting. I'd say let's wait until coming Monday (given our Dependabot schedule; see above), as the first step.

If no new updates for this library by Tuesday, let's dig deeper, and possibly reach out to GitHub support.

@vorburger
Copy link
Member Author

@jingtang10 Dependabot did open e.g. #2622 and #2619 yesterday... do you want to close this issue, based on seeing that?

Or were you expecting more PRs for more dependencies? Then it's possible I can help to tweak the config to lower the "throttling" which I'm assuming it currently does... I can make it raise PRs for ALL possible updates EVERY day. But that COULD "overwhelm" the reviewers team? Your call, let me know.

@vorburger
Copy link
Member Author

@jingtang10 also I just noticed #2620 and #2621 and #2623 were raised by Dependabot yesterday, and merged.

@jingtang10
Copy link
Collaborator

Thanks Michael

@github-project-automation github-project-automation bot moved this from New to Complete in Android FHIR SDK Jul 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Complete
Development

No branches or pull requests

2 participants