Nish Sinha
Nish Sinha
Hi @JacobEvelyn, Thank you for your feedback! We are now tracking this feature as part of a larger one internally around custom label creation for Dependabot. Right now, the Dependabot...
Running `VCR=all rspec spec` in common seems to make more recordings fail. We might want to set up a cron job to try running this once a week so we...
Hi @gabrielfeo, we really apologize for the delays here. There is no reason this could't have been deployed earlier. Since this is now in production, it would be great if...
Hello @SkipKayhil, Thank you for this contribution! Indeed, many of Dependabot Core's `FileParsers` read the same dependencies multiple times. > I wasn't sure what the policy around breaking API changes...
I had some initial concerns with merging this PR incase it changed some underlying behavior in how we parse dependencies. Seeing this PR is passing our e2e smoke tests, which...
Thanks! Do you think you could add a quick test for this to confirm the bug is no longer present? Feel free to reach out if you need help!
@noorul, sure! It looks like we specifically want to test that quay URLs follow the next page for paginated links Paginated URLs are accessed by our docker client (docker_registry2) in...
Hi @sorentwo, thank you for this contribution, for including tests, and for linking the hex server source code and making it public! 🌟 I'm not an elixir expert, but from...
@sorentwo Dependabot also has a separate step for updating lockfiles: https://github.com/dependabot/dependabot-core/blob/main/hex/lib/dependabot/hex/file_updater/lockfile_updater.rb it uses the same `organization_credentials` as the `check_update` and `get_latest_resolvable_versions` methods did in the version resolver, and would probably...
Hi @sorentwo and @cam-carter 👋🏾 We discussed prioritizing this issue during our team's sprint planning meeting today. Unfortunately, we don't have the capacity for *dedicated* engineers to work on the...