Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ignore is not respecting in a group dependencies #10122

Open
1 task done
alexcastrodev opened this issue Jul 1, 2024 · 2 comments
Open
1 task done

Ignore is not respecting in a group dependencies #10122

alexcastrodev opened this issue Jul 1, 2024 · 2 comments
Labels
L: git:submodules Git submodules L: ruby:bundler RubyGems via bundler T: bug 🐞 Something isn't working

Comments

@alexcastrodev
Copy link

Is there an existing issue for this?

  • I have searched the existing issues

Package ecosystem

bundler

Package manager version

2.4

Language version

ruby 3.2.2

Manifest location and content before the Dependabot update

No response

dependabot.yml content

version: 2

updates:

  • package-ecosystem: "bundler"
    directory: "/"
    schedule:
    interval: "daily"
    groups:
    production-dependencies:
    dependency-type: "production"
    development-dependencies:
    dependency-type: "development"
    dependabot.yml-file#ignore
    ignore:
    • dependency-name: "parser"
      update-types: ["version-update:semver-major", "version-update:semver-minor"]

Updated dependency

parser

What you expected to see, versus what you actually saw

I want to ignore all major and minor, only accept patches, but it changing my Gemlock to major.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

No response

Smallest manifest that reproduces the issue

alexcastrodev/dependabot_parse#1
@alexcastrodev alexcastrodev added the T: bug 🐞 Something isn't working label Jul 1, 2024
@github-actions github-actions bot added L: git:submodules Git submodules L: ruby:bundler RubyGems via bundler labels Jul 1, 2024
@alexcastrodev alexcastrodev reopened this Jul 7, 2024
@alexcastrodev
Copy link
Author

Updates: if I ignore all version, it works, but if I ignore major and minor, dependabot create a PR updating major version

@tvdijen
Copy link

tvdijen commented Aug 5, 2024
edited
Loading

I suspect I have the same issue here with Dependabot-config here
Still getting major updates despite the ignore-rule.

@cpovirk cpovirk mentioned this issue Oct 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
L: git:submodules Git submodules L: ruby:bundler RubyGems via bundler T: bug 🐞 Something isn't working
Projects
Dependabot
Status: Done
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tvdijen @alexcastrodev