- Notifications
You must be signed in to change notification settings - Fork1.1k
Insights: dependabot/dependabot-core
Overview
Could not load contribution data
Please try again later
3 Releases published by2 people
33 Pull requests merged by11 people
- Disable ecosystems from rakefile to fix gem release
#12656 merged
Jul 17, 2025 - v0.322.0
#12654 merged
Jul 17, 2025 - Bump System.CommandLine, xunit.runner.visualstudio and xunit.v3
#12651 merged
Jul 16, 2025 - classify additional error shapes
#12652 merged
Jul 16, 2025 - Bump golang.org/x/mod from 0.19.0 to 0.26.0 in /go_modules/helpers
#12617 merged
Jul 16, 2025 - check output for timeouts
#12650 merged
Jul 16, 2025 - Bump nuget/helpers/lib/NuGet.Client from
42bfb45to2948e02#12618 merged
Jul 16, 2025 - Bump dotnet-sdk from 9.0.203 to 9.0.302 in /nuget/helpers/lib/NuGetUpdater
#12620 merged
Jul 16, 2025 - refactor method
#12649 merged
Jul 16, 2025 - Bump DiffPlex and 21 others
#12622 merged
Jul 16, 2025 - reset smoke test branch to main
#12646 merged
Jul 16, 2025 - Don't let unsupported sdk version in
global.jsonfail an update job#12638 merged
Jul 16, 2025 - ensure project is supported file
#12644 merged
Jul 16, 2025 - Use common variable for PHP version
#12642 merged
Jul 16, 2025 - Remove the fallback
"master"hardcoded branch name from the npmFileParser#7131 merged
Jul 16, 2025 - Skip sigstore attestions if publishing the RubyGems manually
#12639 merged
Jul 15, 2025 - Install
vcpkgcli invcpkgecosystem container image#12636 merged
Jul 15, 2025 - Update labels for
dotnet-sdk,rust-toolchain, andvcpkg#12637 merged
Jul 15, 2025 - use initial project directory when computing updated file paths from project discovery
#12635 merged
Jul 15, 2025 - Remove deprecated cooldown feature flag for JavaScript ecosystems: npm_and_yarn, bun
#12582 merged
Jul 15, 2025 - fix: update the file extensions that indicate and archive for http url module sources
#12610 merged
Jul 15, 2025 - Downgrade pip to 24.2 due to issue in >25
#12634 merged
Jul 15, 2025 - Remove cooldown feature flag for
vcpkgandrust_toolchain#12631 merged
Jul 15, 2025 - cleanup nuget pr body text
#12627 merged
Jul 15, 2025 - v0.321.3
#12630 merged
Jul 15, 2025 - add experimental nuget file writer
#12600 merged
Jul 15, 2025 - v0.321.2
#12629 merged
Jul 14, 2025 - Create MAINTENANCE_STANDARDS.md
#10709 merged
Jul 14, 2025 - UV update to version 0.7.20
#12626 merged
Jul 14, 2025 - Upgrade uv version to 0.7.20
#12625 merged
Jul 14, 2025 - remove unnecessary test fixtures
#12586 merged
Jul 14, 2025 - Upgrade PIP to 25.0.1
#12624 merged
Jul 14, 2025 - Sorbet type check added to cargo helper class.
#12605 merged
Jul 14, 2025
11 Pull requests opened by10 people
- Bump nuget/helpers/lib/dotnet-core from `218ef74` to `4156c64`
#12619 opened
Jul 13, 2025 - Bump the dev-dependencies group across 1 directory with 7 updates
#12621 opened
Jul 13, 2025 - Composer v1 deprecation clean up
#12641 opened
Jul 16, 2025 - Engines package.json: support special characters >=, ~, ^ (npm_and_yarn)
#12648 opened
Jul 16, 2025 - Don't have a fallback on `"master"` as default
#12655 opened
Jul 17, 2025 - v0.323.0
#12657 opened
Jul 17, 2025 - Pin dependency plugin version when running dependency tree in Maven
#12658 opened
Jul 17, 2025 - Complete checkout of vcpkg repository
#12659 opened
Jul 17, 2025 - Fix rust_toolchain and vcpkg dependency versions in omnibus build
#12660 opened
Jul 17, 2025 - generate detailed pr body
#12661 opened
Jul 17, 2025 - Remove enable_cooldown_for_bundler feature flag check
#12664 opened
Jul 18, 2025
8 Issues closed by5 people
- DependencyFileNotFound when using Directory.Packages.props without a project file
#5635 closed
Jul 18, 2025 - Dependabot still creating PRs after yml has been deleted
#12475 closed
Jul 17, 2025 - NuGet updater doesn't handle versions like `8.0.x` in `global.json`
#12396 closed
Jul 16, 2025 - Not working properly if project includes Maui
#12633 closed
Jul 15, 2025 - Publish new ecosystems dependabot-rust_toolchain and depenadbot-vcpkg on rubygems.org
#12581 closed
Jul 15, 2025 - Dependency auto-submission for NuGet failing
#12546 closed
Jul 14, 2025
7 Issues opened by5 people
- Upgrade pip to >25
#12663 opened
Jul 18, 2025 - Dependabot started dropping xml header
#12662 opened
Jul 17, 2025 - NuGet update analysis should consider ignored versions for transitive dependencies
#12653 opened
Jul 16, 2025 - Swift updater not properly honoring ignore conditions
#12647 opened
Jul 16, 2025 - Set MSBuild property `NuGetAudit=false` when scanning for dependencies
#12645 opened
Jul 16, 2025 - Pnpm 10.12.1 - Dependabot does not support your pnpm version
#12643 opened
Jul 16, 2025
45 Unresolved conversations
Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.
- To Implement Cooldown feature for Helm ecosystem
#12520 commented on
Jul 18, 2025 • 23 new comments - Make Dependabot recursively check folders for Dockerfiles / Helm Charts / K8s files
#6047 commented on
Jul 12, 2025 • 0 new comments - [cargo] error when Dependabot attempts to update wildcard dependency
#7568 commented on
Jul 18, 2025 • 0 new comments - Failure to install `gpgme` using GCC 15
#12545 commented on
Jul 18, 2025 • 0 new comments - This project requires Poetry 2.1.2, but you are using Poetry 2.1.1
#12048 commented on
Jul 18, 2025 • 0 new comments - You can disable all labels using labels: [ ]
#11783 commented on
Jul 18, 2025 • 0 new comments - dependabot does not add 'license' key to package-lock.json on dependency update
#12578 commented on
Jul 18, 2025 • 0 new comments - Gradle dependabot updates failing with "unknown_error" and RuntimeError "no files changed" when update detected after 20 June
#12559 commented on
Jul 18, 2025 • 0 new comments - Dependabot Fails with update_not_possible for a package Despite No Configuration Changes
#12554 commented on
Jul 18, 2025 • 0 new comments - helm - Error fetching chart releases: Error: no repositories configured
#12549 commented on
Jul 18, 2025 • 0 new comments - No PRs created
#12270 commented on
Jul 18, 2025 • 0 new comments - Bump the pnpm-dependencies group in /npm_and_yarn/helpers with 2 updates
#10361 commented on
Jul 13, 2025 • 0 new comments - Bump rubocop-rspec from 2.29.1 to 3.2.0 in /updater
#10851 commented on
Jul 17, 2025 • 0 new comments - Bump the npm-dependencies group across 1 directory with 3 updates
#11769 commented on
Jul 13, 2025 • 0 new comments - Bump pip from 24.0 to 25.0.1 in /python/helpers in the pip group
#11830 commented on
Jul 13, 2025 • 0 new comments - Bump pipenv from 2024.4.1 to 2025.0.1 in /python/helpers in the pipenv group
#12151 commented on
Jul 13, 2025 • 0 new comments - Bump poetry from 2.1.1 to 2.1.3 in /python/helpers in the poetry group
#12413 commented on
Jul 15, 2025 • 0 new comments - Bump the all-actions group across 1 directory with 3 updates
#12485 commented on
Jul 17, 2025 • 0 new comments - Bump the prod-dependencies group across 1 directory with 22 updates
#12494 commented on
Jul 17, 2025 • 0 new comments - Bump the dev-dependencies group across 1 directory with 3 updates
#12527 commented on
Jul 13, 2025 • 0 new comments - Add exclude-paths option to dependabot.yml
#12532 commented on
Jul 16, 2025 • 0 new comments - Bump friendsofphp/php-cs-fixer from 3.75.0 to 3.78.1 in /composer/helpers/v2 in the dev-dependencies group across 1 directory
#12565 commented on
Jul 13, 2025 • 0 new comments - filter out non-version tags in Helm update checker
#12612 commented on
Jul 17, 2025 • 0 new comments - New command `Dependabot revert`
#7546 commented on
Jul 12, 2025 • 0 new comments - Composer update fail with akeneo/pim-community-dev dependency
#7551 commented on
Jul 12, 2025 • 0 new comments - Dependabot removes catalog/catalogs field with bun
#12522 commented on
Jul 12, 2025 • 0 new comments - NPM-level updatePolicy support
#7555 commented on
Jul 13, 2025 • 0 new comments - Make the private registry URL templatable in `dependabot.yaml`
#5750 commented on
Jul 14, 2025 • 0 new comments - Option to enable release candidates/beta versions of dependencies
#2250 commented on
Jul 14, 2025 • 0 new comments - Bump Node.js version to 22
#12024 commented on
Jul 14, 2025 • 0 new comments - Unknown error when using nested relative paths in `package.json` workspaces (when `package-lock.json` is present)
#7556 commented on
Jul 15, 2025 • 0 new comments - add vcpkg ecosystem
#7644 commented on
Jul 15, 2025 • 0 new comments - Update rust-toolchain
#1702 commented on
Jul 15, 2025 • 0 new comments - Dependabot Groups include Unexpected Dependencies when Updating Existing PR
#10487 commented on
Jul 16, 2025 • 0 new comments - Terraform update returns error "dependency_file_not_resolvable" dispiite the file beeing there
#12071 commented on
Jul 16, 2025 • 0 new comments - Support for uv workspaces
#12072 commented on
Jul 16, 2025 • 0 new comments - Dependabot reformatting entire `Directory.Packages.props` file
#10463 commented on
Jul 16, 2025 • 0 new comments - Dependabot have stopped monitoring manifest-files named `constraints.txt`
#7253 commented on
Jul 17, 2025 • 0 new comments - Set defaults for the max length of PR branch names
#7564 commented on
Jul 17, 2025 • 0 new comments - Fix dependency from vulnerable ghostscript library
#7573 commented on
Jul 17, 2025 • 0 new comments - Dependabot has stopped providing the changelog of updated dependencies
#12531 commented on
Jul 17, 2025 • 0 new comments - Dependabot can't resolve your JavaScript dependency files - @types/node
#11697 commented on
Jul 17, 2025 • 0 new comments - Remove / fix remaining hardcoded branch reference to `"master"`
#6202 commented on
Jul 17, 2025 • 0 new comments - Dependency updated between original PR and rebase has old commit message and PR title not updated
#4821 commented on
Jul 17, 2025 • 0 new comments - Support for using PAT to grant private repository access instead of granting via adding to repo for gomod
#7583 commented on
Jul 18, 2025 • 0 new comments