Quantcast
Channel: Active questions tagged nuget-package - Stack Overflow
Viewing all articles
Browse latest Browse all 3067

How to configure Dependabot on Azure DevOps to create only one PR for minor/patch updates

$
0
0

We use dependabot-azure-devops by tinglesoftare to track updates of our dependencies and create pull requests automatically.

The azure devops pipeline is rather straigh forward:

trigger:- masterpool:  vmImage: ubuntu-lateststeps:- task: dependabot@1  displayName: 'Dependabot with default parameters'

And we have this dependabot.yml stored in .azuredevops\dependabot.yml

# To get started with Dependabot version updates, you'll need to specify which# package ecosystems to update and where the package manifests are located.# Please see the documentation for all configuration options:# https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-fileversion: 2registries:  {feedname}:    type: nuget-feed    url: https://pkgs.dev.azure.com/{confidential}/_packaging/{feedname}/nuget/v3/index.json    token: PAT:${{ PatInternalFeed }}updates:  - package-ecosystem: "nuget"    directories:    - "/" # Location of package manifests    registries:    - {feedname}    schedule:      interval: "weekly"      time: "02:00"    open-pull-requests-limit: 10    commit-message:      prefix: "dependabot"      prefix-development: "dependabot"      include: "scope-and-version"      separator: "-"    groups:      shared:        patterns:          - "*"

My understanding of the dependabot-groups documentation is that currently all updates should be grouped together, regardless of the semantic version. Unfortunately, this configuration leads to multiple pull requests for each patch-version dependency. Am I missing something, which needs to configured differently for dependabot on azure devops? Also the commit-message part of the configuration does not seem to have any effect on the created PRs.


Viewing all articles
Browse latest Browse all 3067

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>