Skip to content

Issues: dependabot/dependabot-core

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
66 Open 72 Closed
66 Open 72 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Dynamically install required package manager version at runtime EE Engineering Efficiency L: git:submodules Git submodules L: go:modules Golang modules L: javascript L: python L: rust:cargo Rust crates via cargo T: tech-debt ⚙️
#9286 opened Mar 13, 2024 by JamieMagee
3 👍 4
Merge UpdateChecker and FileUpdater core 🍏 Relates to the dependabot-core library itself good first issue T: tech-debt ⚙️
#7185 opened Apr 27, 2023 by deivid-rodriguez
👍 3
Remove / fix remaining hardcoded branch references to "master" EE Engineering Efficiency T: tech-debt ⚙️
#6202 opened Nov 23, 2022 by jeffwidman
1
@jeffwidman
👍 2
Automatically run bin/tapioca gem when gem dependencies are updated L: github:actions GitHub Actions sorbet 🍦 Relates to Sorbet types T: tech-debt ⚙️
#9559 opened Apr 22, 2024 by robaiken
1 👍 2
Switch bumping cargo indirect deps via cargo's --aggressive flag L: rust:cargo Rust crates via cargo T: tech-debt ⚙️
#6426 opened Jan 13, 2023 by jeffwidman
👍 1
Pip now ships with a full resolver, code likely needs updating based on outdated comment Ecosystems Used by the maintainer team for internal-facing project tracking EE Engineering Efficiency L: python:pip Python packages via pip T: tech-debt ⚙️
#4934 opened Mar 31, 2022 by jeffwidman
👍 1
Publish a document targeting maintainers explaining how they can get package changelogs auto-pulled into Dependabot E: documentation Docs issues F: package-metadata The metadata that Dependabot fetched for the package T: tech-debt ⚙️
#6225 opened Nov 28, 2022 by jeffwidman
1 👍 1
Explore how we can leverage pip install's new --dry-run flag L: python:pip Python packages via pip T: tech-debt ⚙️
#5724 opened Sep 14, 2022 by jeffwidman
3 tasks
2 👍 1
It's confusing when to use go_modules vs gomod T: tech-debt ⚙️
#6577 opened Feb 2, 2023 by jeffwidman
1 task done
2 👍 1
Migrate smoke tests to this repository T: tech-debt ⚙️
#7768 opened Aug 8, 2023 by yeikel
3 👍 1
Migrate from Ubuntu 22.04 to 24.04 L: elixir:hex Elixir packages via hex L: git:submodules Git submodules L: swift Swift packages T: tech-debt ⚙️
#9482 opened Apr 11, 2024 by JamieMagee
1 👍 1
make Job parse all Hashes into class instances immediately good first issue T: tech-debt ⚙️
#9561 opened Apr 22, 2024 by jakecoffman
👍 1
Revisit how responsibilities are split up between UpdateChecker and Version in docker ecosystem T: tech-debt ⚙️
#5911 opened Oct 17, 2022 by deivid-rodriguez
2 👍 1
Fix flaky bundler specs core 🍏 Relates to the dependabot-core library itself EE Engineering Efficiency L: ruby:bundler RubyGems via bundler T: tech-debt ⚙️
#2364 opened Jul 24, 2020 by feelepxyz
5 tasks
1
Add docker tag steps bin/dev-docker-shell build 🛠 Relates to building and releasing Dependabot E: documentation Docs issues T: tech-debt ⚙️
#4743 opened Feb 15, 2022 by jeffwidman
Review and unify shelling-out logic core 🍏 Relates to the dependabot-core library itself T: tech-debt ⚙️
#6110 opened Nov 11, 2022 by deivid-rodriguez
1 task done
Improve handling of Python versioning strings L: python:pip Python packages via pip L: python:pipenv Python packages via pipenv L: python:poetry Python packages via poetry python Dependabot pull requests that update Python code T: tech-debt ⚙️ versioning
#6300 opened Dec 10, 2022 by jeffwidman
Switch bumping cargo security versions to using cargo's --precise flag L: rust:cargo Rust crates via cargo T: tech-debt ⚙️
#6427 opened Jan 13, 2023 by jeffwidman
Need to update python fixtures to reflect new Warehouse API responses Ecosystems Used by the maintainer team for internal-facing project tracking L: python:pip Python packages via pip python Dependabot pull requests that update Python code T: tech-debt ⚙️
#5723 opened Sep 14, 2022 by jeffwidman
1 task done
1
1
Test that was expected to pass but marked as pending because slow isn't actually passing EE Engineering Efficiency T: tech-debt ⚙️
#6778 opened Mar 3, 2023 by jeffwidman
1 task done
log when a dependency is ignored because of allow settings EE Engineering Efficiency T: bug 🐞 Something isn't working T: tech-debt ⚙️
#6877 opened Mar 20, 2023 by jakecoffman
1 task done
2
Identify why find_proxy() is slow for us and work with upstream Faraday maintainers to fix core 🍏 Relates to the dependabot-core library itself T: tech-debt ⚙️
#6881 opened Mar 21, 2023 by jeffwidman
1 task done
1
Switch Python /simple and /<project>/ APIs to using the JSON-based format (PEP-691) F: package-metadata The metadata that Dependabot fetched for the package L: python:pip Python packages via pip L:python:pip-compile Python packages via pip-compile L: python:pipenv Python packages via pipenv L: python:poetry Python packages via poetry python Dependabot pull requests that update Python code T: tech-debt ⚙️
#7680 opened Aug 1, 2023 by jeffwidman
3
Remove support for pip-tools --resolver=legacy option, throw a user-facing error instead T: tech-debt ⚙️
#7712 opened Aug 3, 2023 by jeffwidman
Sorbet type checking T: tech-debt ⚙️
#7782 opened Aug 9, 2023 by JamieMagee
8 tasks done
@JamieMagee
3
ProTip! What’s not been updated in a month: updated:<2024-12-03.