Quarkus: Dependabot pull requests in quarkus forks

Created on 15 Jul 2020  路  15Comments  路  Source: quarkusio/quarkus

Dependabot pull requests in quarkus forks
I don't know whether this is intended but after I rebased my fork (xstefank/quarkus) master today I started to get dependabot update PRs into my fork for which I don't see the reasoning.

https://github.com/xstefank/quarkus/pulls

2020-07-15-1594807102_1726x643

arehousekeeping triaginvalid
Source
picture xstefank

Most helpful comment

yes, reforking worked. Thanks!

picture xstefank on 15 Jul 2020
🎉2

All 15 comments

Maybe related to #10681?

/cc @gastaldi

PS: What I also find irritating is that once I push to master of my fork, the entire CI-chain is triggered. But that has been like this for a long time.

famod picture famod on 15 Jul 2020

Thanks for reporting this, I'll investigate

gastaldi picture gastaldi on 15 Jul 2020

In https://docs.github.com/en/github/administering-a-repository/enabling-and-disabling-version-updates#enabling-version-updates-on-forks it says that

Version updates are not automatically enabled on forks when a dependabot.yml configuration file is present.

But I wonder if this is only valid for new forks. In this case can you try recreating your fork to see if that works?

gastaldi picture gastaldi on 15 Jul 2020

PS: What I also find irritating is that once I push to master of my fork, the entire CI-chain is triggered. But that has been like this for a long time.

@famod Ah yes, AFAIK this is a GitHub actions feature. You can disable it by removing the .github/workflows directory from your master branch

gastaldi picture gastaldi on 15 Jul 2020

@famod Ah yes, AFAIK this is a GitHub actions feature. You can disable it by removing the .github/workflows directory from your master branch

@gastaldi Ah, good to know. But wouldn't I then get merge conflicts each time something changes in that file?

famod picture famod on 15 Jul 2020

I rarely push to my master branch in my fork so I don't really have this problem TBH :smile: Just make sure to keep your cloned master branch synch'ed with the original master :wink:

gastaldi picture gastaldi on 15 Jul 2020

yes, reforking worked. Thanks!

xstefank picture xstefank on 15 Jul 2020
🎉2

@gastaldi Maybe this should be pinned for a while so that other contributors see this directly? (I mean the GH pinning feature, not the label).

famod picture famod on 15 Jul 2020

@famod good idea, just did that. Let's see if it helps

gastaldi picture gastaldi on 15 Jul 2020
👍1

@gastaldi ...and @sberyozkin unpinned it - maybe you guys should talk. 馃槅

famod picture famod on 15 Jul 2020

Maybe related to #10681?

/cc @gastaldi

PS: What I also find irritating is that once I push to master of my fork, the entire CI-chain is triggered. But that has been like this for a long time.

Hello @famod, this can be disabled in your fork settings. Go to Settings -> Actions and then select the "Disable actions for this repository" radio button.

jaikiran picture jaikiran on 16 Jul 2020

@jaikiran Thanks, but that would disable actions for all branches, not just master, wouldn't it?

famod picture famod on 16 Jul 2020

Have there been any changes? I recreated my fork not long ago but still keep getting dependabot PRs.

famod picture famod on 2 Dec 2020

@famod try force pushing to your master a commit similar to what I have in https://github.com/gastaldi/quarkus:

https://github.com/gastaldi/quarkus/commit/7f15993a5b85ad94aeaadd2e7f1a1d64c8239cea

gastaldi picture gastaldi on 2 Dec 2020

@gastaldi Dependabot is checking such a file? 馃槷

Seems many users are affected by this (in general): https://github.com/dependabot/dependabot-core/issues/2198

famod picture famod on 3 Dec 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

lbernardomaia picture lbernardomaia  路  3Comments
gsmet picture gsmet  路  3Comments
pipinet picture pipinet  路  3Comments
Rashmini picture Rashmini  路  3Comments
hantsy picture hantsy  路  3Comments