-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependabot is timing out #16729
Comments
The last couple of runs failed with various different errors, as visible in the output of the workflow run. One error that appeared thrice in slightly different variations, including the most recent run is this:
The more info link is a circular reference that just eventually brings you back to the workflow run. If you look for e.g.
So, not too helpful with all these unknowns, and the listed packages don't seem to be related to the changes under #16566.
The last PR that Dependabot opened was #16549 on 12 August, which interestingly originates from a failing run (its successful rerun didn't actually do anything since "Dependabot workflows cannot be re-run. Retrigger this update via Dependabot instead."). My guess is that Dependabot is simply choking on the update due to us having a huge solution with an extreme amount of packages being referenced, and we occasionally have to do manual updates. I've updated a GitHub support request about this. |
this is one fixed. |
GitHub support only pointed to the docs for now BTW, what I've previously read but didn't help. |
Unfortunately, this isn't fixed. Dependabot has a limitation of 150 manifests per repo: https://docs.github.com/en/enterprise-cloud@latest/code-security/supply-chain-security/understanding-your-software-supply-chain/troubleshooting-the-dependency-graph#are-there-limits-which-affect-the-dependency-graph-data According to GitHub support, we have 190 (we have 217 projects in the solution but apparently, not all of those have NuGet dependencies). We could perhaps batch updates by having multiple |
The
Dependabot
action runs as schedule. It times out after running for 60 mins.I believe that this issue happened after
CentralPackageTransitivePinningEnabled
was enabled. #16566Last successful run was August 13th.
The text was updated successfully, but these errors were encountered: