Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dependabot is failing #2138

Open
v1v opened this issue Oct 10, 2024 · 1 comment
Open

dependabot is failing #2138

v1v opened this issue Oct 10, 2024 · 1 comment
Labels
agent-python

Comments

@v1v
Copy link
Member

v1v commented Oct 10, 2024

See here

 Dependabot can't update vulnerable dependencies without a lockfile
The currently installed version can't be determined.

To resolve the issue add a supported lockfile (Pipfile.lock, pyproject.lock or poetry.lock).

and

proxy | 2024/10/09 04:59:47 [015] GET [https://pypi.org:443/simple/django/](https://pypi.org/simple/django/)
  proxy | 2024/10/09 04:59:47 [015] 200 [https://pypi.org:443/simple/django/](https://pypi.org/simple/django/)
updater | 2024/10/09 04:59:47 INFO <job_898200968> Filtered out 4 yanked versions
updater | 2024/10/09 04:59:47 INFO <job_898200968> Latest version is 5.1.2
updater | 2024/10/09 04:59:47 INFO <job_898200968> Dependabot can't update vulnerable dependencies for projects without a lockfile or pinned version requirement as the currently installed version of django isn't known.
  proxy | 2024/10/09 04:59:48 [019] POST /update_jobs/898200968/record_update_job_error
  proxy | 2024/10/09 04:59:48 [019] 204 /update_jobs/898200968/record_update_job_error
  proxy | 2024/10/09 04:59:48 [021] PATCH /update_jobs/898200968/mark_as_processed
  proxy | 2024/10/09 04:59:48 [021] 204 /update_jobs/898200968/mark_as_processed
updater | 2024/10/09 04:59:48 INFO <job_898200968> Finished job processing
updater | 2024/10/09 04:59:48 INFO Results:
Dependabot encountered '1' error(s) during execution, please check the logs for more details.
+-------------------------------+
|            Errors             |
+-------------------------------+
| dependency_file_not_supported |
+-------------------------------+
Failure running container 2c5d1c36c565c[53](https://github.com/elastic/apm-agent-python/actions/runs/11248516257/job/31273784137#step:3:55)e22f55c108d9f5d3ce9ca87b269cfcdf12f92aa89569091d4
Cleaned up container 2c5d1c36c565c53e22f55c108d9f5d3ce9ca87b269cfcdf12f92aa89569091d4
  proxy | 2024/10/09 04:59:48 Posting metrics to remote API endpoint
2024/10/09 04:59:48 0/9 calls cached (0%)
Error: Dependabot encountered an error performing the update

Error: The updater encountered one or more errors.
@xrmx
Copy link
Member

xrmx commented Oct 10, 2024

Eh for some reason dependabot stopped to work with requirements files some times ago, was already aware of this because it fails applying fixes it reports in the security tab in github.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
agent-python
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xrmx @v1v