Dependabot cannot find my release notes #128817
Replies: 3 comments 4 replies
-
Hello,
|
Beta Was this translation helpful? Give feedback.
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
I got an answer from GitHub for my specific case: DetailsHi, Thank you for your patience. I have some update from our engineers, here are the information. So basically, even for Gradle, Dependabot looks in the pom file for the release information, i.e the following: We get this information from these tags: Example: Here is an example of a pom structure with the correct tags: <project>
<url>[https://github.com/username/project<](https://github.com/username/project%3C);/url>
<scm>
<url>[https://github.com/username/project<](https://github.com/username/project%3C);/url>
</scm>
<issueManagement>
<url>[https://github.com/username/project/issues<](https://github.com/username/project/issues%3C);/url>
</issueManagement>
</project> Replace The specific pom.xml file that Dependabot is attempting to retrieve and analyze is located at this URL: You will need to change your I then asked in the gradle slack about it and they mentioned that the generated files seems to miss those information. So it seems at the moment there is nothing we can do, BUT if someone else knows something more about that, please tell me :) |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
Hi,
I have this gradle plugin: https://github.com/europace/docker-publish-gradle-plugin
My problem ist, that when I get updates via dependabot, I always get the message, that there is unknown code compatibility
I have a test pull request here
I double checked and the website is added to the plugin here.
On the gradle plugin portal the website is shown as well.
What do we do wrong?
Beta Was this translation helpful? Give feedback.
All reactions