-
Notifications
You must be signed in to change notification settings - Fork 994
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub Actions version pinning dropped #7971
Comments
I have the same issue in https://github.com/getlogbook/logbook/pull/356/files |
Your issue seems to be a valid duplicate of this #7966 In particular, the reason seems to be this : #7966 (comment) @na-jakobs Can you share a link to your pull request/manifest? If sharing the pull request is not possible because it is a private repository, please share the I am trying to see if the symptoms are the same as the pull request shared above. If so, we can probably close this as duplicate and upvote the other |
@yeikel I'm referring to this file, which dependabot is bumping a commit hash to a tag: https://github.com/getlogbook/logbook/pull/356/files#diff-ab7cd36ad831c30099773459b80595fd3b72612f333f6a2f4e11c2606176999f |
Yep, your issue seems to be the same as #7966 where due to you having a mix of formats, dependabot incorrectly uses one of the formats as opposed to respecting them See this comment for an explanation #7966 (comment) |
This will get fixed by #8068! |
Is there an existing issue for this?
Package ecosystem
github-actions
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
No response
dependabot.yml content
Updated dependency
No response
What you expected to see, versus what you actually saw
Expected to see an update to the latest sha along with an update to the comment.
Removed:
Added:
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
Smallest manifest that reproduces the issue
No response
The text was updated successfully, but these errors were encountered: