Skip to content

[Dependabot] Move zone.js and typescript rules into "ignore" settings and ignore major/minor versions#4617

Merged
tdonohue merged 1 commit intoDSpace:mainfrom
tdonohue:refactor_dependabot_rules
Jul 31, 2025
Merged

[Dependabot] Move zone.js and typescript rules into "ignore" settings and ignore major/minor versions#4617
tdonohue merged 1 commit intoDSpace:mainfrom
tdonohue:refactor_dependabot_rules

Conversation

@tdonohue
Copy link
Member

@tdonohue tdonohue commented Jul 31, 2025

References

Refactors code added in these two PRs:

Description

Since merging #4424 and #4483, it appears that dependabot has been having issues with our configuration. We're seeing this error everytime dependabot attempts to run on dependencies:

Dependabot encountered '1' error(s) during execution, please check the logs for more details.
+----------------------------------------------------------------------------------------------------+
|                                   Dependencies failed to update                                    |
+------------+--------------------------------+------------------------------------------------------+
| Dependency | Error Type                     | Error Details                                        |
+------------+--------------------------------+------------------------------------------------------+
| typescript | dependency_file_not_resolvable | {                                                    |
|            |                                |   "message": "Error while updating peer dependency." |
|            |                                | }                                                    |
+------------+--------------------------------+------------------------------------------------------+

As best I can tell, it appears that dependabot doesn't like the syntax we used to "ignore" the minor upgrades for typescript (and possibly also zonejs). These errors started only after merging the above PRs, so I think they are the cause.

So, this PR is just moving those settings to the ignore section and specifically ignoring major & minor upgrades of those dependencies. Hopefully, this will help fix things for dependabot.

@tdonohue tdonohue added this to the 10.0 milestone Jul 31, 2025
@tdonohue tdonohue added the 1 APPROVAL pull request only requires a single approval to merge label Jul 31, 2025
@tdonohue
Copy link
Member Author

tdonohue commented Jul 31, 2025

Merging immediately as this is just dependabot & it's not possible to test without merging.

@tdonohue tdonohue merged commit fa58bc5 into DSpace:main Jul 31, 2025
10 checks passed
@tdonohue tdonohue deleted the refactor_dependabot_rules branch July 31, 2025 21:23
@tdonohue
Copy link
Member Author

tdonohue commented Jul 31, 2025

🎉 This PR fixed the above dependabot error. It ran successfully now with no errors.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@tdonohue tdonohue

Labels

1 APPROVAL pull request only requires a single approval to merge bug code task

Projects

DSpace 10.0 Release
Status: ✅ Done

Milestone

10.0

Development

Successfully merging this pull request may close these issues.

1 participant

@tdonohue