Dependabot-core: Dependabot vendors go modules into a nested directory

Created on 27 Oct 2020  路  2Comments  路  Source: dependabot/dependabot-core

Package manager/ecosystem
gomod
What you expected to see, versus what you actually saw
We have a monorepo and enabled dependabot for a service in the monorepo by adding a dependabot.yml file at the root of the repo in the .github folder. Since the go.mod file of the service for which we want to have automatic bumps is in the catalog folder, we added the directory: "/catalog" property to the config file. We vendor our dependencies in this application.

When dependabot created a PR for the bump of a dependency, it automatically vendored it, which is great, but it did so in the /catalog/catalog/vendor folder and not in /catalog/vendor folder like it should be. It seems like it's nesting the vendored dependencies wrongly somehow.

Images of the diff or a link to the PR, issue or logs
Screenshot 2020-10-27 at 17 31 14

bug 馃悶
Source
picture Kemosabert

Most helpful comment

Thanks for reporting this @Kemosabert, that definitely seems like a bug on our end, I'll look into it!

picture jurre on 27 Oct 2020
👍2

All 2 comments

Thanks for reporting this @Kemosabert, that definitely seems like a bug on our end, I'll look into it!

jurre picture jurre on 27 Oct 2020
👍2

Thanks for checking this @jurre, let me know if you need more information or context about this.

Kemosabert picture Kemosabert on 29 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jbreitbart picture jbreitbart  路  3Comments
LankyLou picture LankyLou  路  4Comments
kiprasmel picture kiprasmel  路  3Comments
v1sion picture v1sion  路  3Comments
tjwallace picture tjwallace  路  3Comments