Skip to content

Issues: dependabot/dependabot-core

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
25 Open 18 Closed
25 Open 18 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

NuGet: updates are offered despite ignore rules F: dependency-ignores Allow excluding certain versions L: dotnet:nuget NuGet packages via nuget or dotnet T: bug 🐞 Something isn't working
#8182 opened Oct 12, 2023 by bkoelman
1 task done
dependabot still try to access the private package even I have added it into ignore list F: dependency-ignores Allow excluding certain versions L: javascript:pnpm npm packages via pnpm T: bug 🐞 Something isn't working
#8176 opened Oct 11, 2023 by 276210854
1 task done
1
Ignores not being applied for Cargo F: dependency-ignores Allow excluding certain versions L: rust:cargo Rust crates via cargo T: bug 🐞 Something isn't working
#6802 opened Mar 8, 2023 by iajoiner
1 task done
2
Dependabot does not respect ignore rules when updating yarn.lock files F: configuration-file F: dependency-ignores Allow excluding certain versions L: javascript:yarn npm packages via yarn T: bug 🐞 Something isn't working
#6608 opened Feb 6, 2023 by deivid-rodriguez
1 task done
1
Ignores not being applied for Gradle F: dependency-ignores Allow excluding certain versions L: java:gradle Maven packages via Gradle T: bug 🐞 Something isn't working
#6532 opened Jan 27, 2023 by eirnym
1 task done
3
Undo ignore this dependency F: dependency-ignores Allow excluding certain versions Keep Exempt this from being marked by stalebot
#6489 opened Jan 20, 2023 by glensc
19
Dependabot updating major version of terraform modules even though set to ignore semver-major F: dependency-ignores Allow excluding certain versions L: terraform Terraform packages T: bug 🐞 Something isn't working versioning
#6316 opened Dec 16, 2022 by adamstirk-ct
1 task done
1
Exceptions in ignore: <update-types> config F: configuration-file F: dependency-ignores Allow excluding certain versions T: feature-request Requests for new features
#4792 opened Mar 3, 2022 by pawelryznar
3
Exclude specific modules from maven repository F: dependency-ignores Allow excluding certain versions L: java:gradle Maven packages via Gradle T: feature-request Requests for new features
#4762 opened Feb 23, 2022 by rtc11
5
Cargo: Support ignoring git dependencies F: configuration-file F: dependency-ignores Allow excluding certain versions L: rust:cargo Rust crates via cargo T: feature-request Requests for new features
#4388 opened Nov 8, 2021 by ordian
Documentation should clarify SemVer ignore behavior for non-SemVer versions E: documentation Docs issues F: configuration-file F: dependency-ignores Allow excluding certain versions service 💁 Relates to Dependabot features GitHub provides T: bug 🐞 Something isn't working
#4386 opened Nov 8, 2021 by akomakom
1
Ignore manifests in specific subdirectories F: configuration-file F: dependency-ignores Allow excluding certain versions F: monorepo 📦 Issues related to bumping a dep in manifests from multiple apps Keep Exempt this from being marked by stalebot T: feature-request Requests for new features
#4364 opened Nov 3, 2021 by chenrui333
79
Dependabot does not respect ignore version syntax for Nuget F: dependency-ignores Allow excluding certain versions L: dotnet:nuget NuGet packages via nuget or dotnet T: bug 🐞 Something isn't working
#4075 opened Jul 23, 2021 by ElvenSpellmaker
2
For a given package, ignore versions by regex F: configuration-file F: dependency-ignores Allow excluding certain versions F: noise related to Dependabot being noisy, or initiatives to make Dependabot quieter T: feature-request Requests for new features
#3746 opened May 19, 2021 by blommish
1
Make allow and ignore symmetric F: configuration-file F: dependency-ignores Allow excluding certain versions T: feature-request Requests for new features
#3479 opened Apr 12, 2021 by asciimike
7
Update on poetry.lock ignoring optional=true F: configuration-file F: dependency-ignores Allow excluding certain versions L: python:poetry Python packages via poetry T: bug 🐞 Something isn't working
#3104 opened Feb 9, 2021 by joao-p-marques
1
Broken MSBuild XML from PackageVersion update when Condition is present F: dependency-ignores Allow excluding certain versions L: dotnet:nuget NuGet packages via nuget or dotnet T: bug 🐞 Something isn't working
#3068 opened Feb 2, 2021 by kzu
1
Allow/Ignore specific manifests F: configuration-file F: dependency-ignores Allow excluding certain versions Keep Exempt this from being marked by stalebot T: feature-request Requests for new features
#2883 opened Dec 17, 2020 by amogkam
8
Ignore version range syntax should be clarified in docs E: documentation Docs issues F: dependency-ignores Allow excluding certain versions L: docker Docker containers versioning
#2644 opened Oct 15, 2020 by atc0005
14
requirements.txt is ignored when Pipfile exists F: dependency-ignores Allow excluding certain versions L: python:pip Python packages via pip T: bug 🐞 Something isn't working versioning
#1946 opened Jun 28, 2020 by CorralPeltzer
Version 2 yaml validator doesn't catch duplicated ignore: sections. F: configuration-file F: dependency-ignores Allow excluding certain versions T: bug 🐞 Something isn't working
#1919 opened Jun 18, 2020 by georgedorn
1
Ability to ignore/filter private sources core 🍏 Relates to the dependabot-core library itself F: configuration-file F: dependency-ignores Allow excluding certain versions F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. service 💁 Relates to Dependabot features GitHub provides T: feature-request Requests for new features
#1999 opened Apr 7, 2020 by alex-ringeri-tw
5
ignored_updates is not working when update is available for multiple modules F: dependency-ignores Allow excluding certain versions F: language-support Issues specific to a particular language or ecosystem; may be paired with an L: label. L: java:maven Maven packages via Maven T: bug 🐞 Something isn't working
#2029 opened Feb 14, 2020 by alexey-anufriev
4
[Bug] Python dependencies with pip-compile do not respect 'ignored_versions' F: dependency-ignores Allow excluding certain versions L:python:pip-compile Python packages via pip-compile T: bug 🐞 Something isn't working
#1559 opened Dec 6, 2019 by JimNero009
2
Avoid bumping to versions which are not Long Term Support (LTS) version F: configuration-file F: dependency-ignores Allow excluding certain versions F: language-support Issues specific to a particular language or ecosystem; may be paired with an L: label. Keep Exempt this from being marked by stalebot L: docker Docker containers T: feature-request Requests for new features T: new-ecosystem Requests for new ecosystems/languages
#2247 opened Jul 23, 2018 by dmabamboo
20
ProTip! Add no:assignee to see everything that’s not assigned.