Discrepancy in files updated by dependabot version updates #50961
Replies: 1 comment
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
I am seeing a discrepancy in how dependabot pushes versions updates and I am wondering if that's a potential bug.
I have two different repositories, let's call them A and B. Dependabot pushed a PR on that updated the same dependency with the exact same version bump. In A, dependabot only updated the lockfile. In B, dependabot updated the lockfile and the package manifest. Both repositories uses yarn classic and the only difference in the dependabot configuration is that A has an
ignore:
property setup that ignores the internal dependencies as it's a monorepo.Both repositories uses the default versioning-strategy as the property isn't specified
Beta Was this translation helpful? Give feedback.
All reactions