Dependabot doesn't update NuGet version in all projects

[prplecake]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

NuGet

Package manager version

No response

Language version

.NET 8

Manifest location and content before the Dependabot update

Project layout follows a pattern similar to the following:

• /src/Core/Core.csproj
• /src/Infrastructure/Infrastructure.csproj
• /src/CLI/CLI.csproj
• /tests/Core.Tests/Core.Tests.csproj
• /tests/Infrastructure.Tests/Infrastructure.Tests.csproj
• /tests/TestHelpers/TestHelpers.csproj

dependabot.yml content

version: 2
updates:
  - package-ecosystem: "nuget" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
      interval: "weekly"
  - package-ecosystem: "github-actions" # See documentation for possible values
    directory: "/" # Location of package manifests
    schedule:
      interval: "weekly"

Updated dependency

Microsoft.Test.SDK 17.6.0 to 17.9.0

What you expected to see, versus what you actually saw

I would expect Microsoft.Test.SDK to be updated in all three test projects, but it's only updated in a single project, causing any related restore/builds to fail with a package downgrade error from MSBuild.

Native package manager behavior

Not applicable.

Images of the diff or a link to the PR, issue, or logs

According to the dependabot logs, dependabot knows this dependency is found in other projects:

updater |   name: Microsoft.NET.Test.Sdk, version: 17.6.0
updater |     file: tests/UserCreation.Core.Tests/UserCreation.Core.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.Infrastructure.Tests/UserCreation.Infrastructure.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.TestHelpers/UserCreation.TestHelpers.csproj, metadata: 
updater |   name: MSTest.TestAdapter, version: 3.0.4
updater |     file: tests/UserCreation.Core.Tests/UserCreation.Core.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.Infrastructure.Tests/UserCreation.Infrastructure.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.TestHelpers/UserCreation.TestHelpers.csproj, metadata: 
updater |   name: MSTest.TestFramework, version: 3.0.4
updater |     file: tests/UserCreation.Core.Tests/UserCreation.Core.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.Infrastructure.Tests/UserCreation.Infrastructure.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.TestHelpers/UserCreation.TestHelpers.csproj, metadata: 
updater |   name: coverlet.collector, version: 6.0.0
updater |     file: tests/UserCreation.Core.Tests/UserCreation.Core.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.Infrastructure.Tests/UserCreation.Infrastructure.Tests.csproj, metadata: 
updater |     file: tests/UserCreation.TestHelpers/UserCreation.TestHelpers.csproj, metadata: 

Smallest manifest that reproduces the issue

No response

[kmcc049]

This looks like a reemergence of the issue here #8576, possibly due to this commit 02f47fd as it touched the same file after the fix, which seemed to work. I know 0 Ruby so can't comment but perhaps @JamieMagee can take a look?

[JamieMagee]

@prplecake are you able to share any other logs?

@kmcc049 It's hard to say whether or not it's related to Sorbet without any stack traces.

[prplecake]

@JamieMagee I'm not sure what other logs I could provide.

[brettfo]

@prplecake Is the repo where you're seeing this public? If not can you share the job ID so I can pull the full logs from my end? There will be several instances of a string like <job_123456> that should be all I need.

[prplecake]

@brettfo Repo is private. I don't have the job ID for the run when I opened this issue, and I haven't had a bunch of dependency updates in the last several weeks. In any case, there was a job that ran two weeks ago, job_817723144, and one that ran a few days ago, job_820810872.

I hope they help.