Here's the reply from dependabot team: We're aware of this issue and planning a fix. The workaround for now is to > delete the fork and re-create it without enabling Dependabot security > updates. Dependabot version updates (setup from config file) isn't enabled > by default on new forks but will be if security updates has ever been > turned on and since disabled.
Source: https://github.com/dependabot/dependabot-core/issues/2804#issuecomment-737781797 On Tue, Dec 1, 2020 at 9:59 AM Guido van Rossum <gu...@python.org> wrote: > Yup, it's because upstream cpython has this file: > > https://github.com/gvanrossum/cpython/blob/master/.github/dependabot.yml > > I still think this is a bug (or missing feature) in dependabot. Please +1 > that issue! > > On Tue, Dec 1, 2020 at 7:52 AM Mariatta <maria...@python.org> wrote: > >> Maybe a recent change in dependabot. This open ticket seems related >> https://github.com/dependabot/dependabot-core/issues/2804 >> >> On Tue., Dec. 1, 2020, 7:36 a.m. Guido van Rossum, <gu...@python.org> >> wrote: >> >>> I got this too on two forks of cpython. It smells like a dependabot >>> mistake. >>> >>> On Tue, Dec 1, 2020 at 04:59 Terry Reedy <tjre...@udel.edu> wrote: >>> >>>> This morning I woke to find that dependabot had added two new branches >>>> to my cpython fork >>>> https://github.com/terryjreedy/cpython/branches >>>> and had created corresponding PRs >>>> https://github.com/terryjreedy/cpython/pull/3 >>>> https://github.com/terryjreedy/cpython/pull/4 >>>> >>>> Whether all forks or all committers or just me got these, it seems >>>> wrong. I suspect that I should just close the extraneous PRs and >>>> delete >>>> the branches. >>>> >>>> Dependabot also created the same branches and PRs directly on >>>> python/cpython. >>>> https://github.com/python/cpython/branches >>>> https://github.com/python/cpython/pull/23582 >>>> https://github.com/python/cpython/pull/23583 >>>> Only these PRs got the proper labels. Someone should merge these PRs >>>> and delete the branches. >>>> >>>> Also, it seems that dependabot should be reconfigured to not create >>>> duplicate branches and PRs. >>>> >>>> -- >>>> Terry Jan Reedy >>>> _______________________________________________ >>>> python-committers mailing list -- python-committers@python.org >>>> To unsubscribe send an email to python-committers-le...@python.org >>>> https://mail.python.org/mailman3/lists/python-committers.python.org/ >>>> Message archived at >>>> https://mail.python.org/archives/list/python-committers@python.org/message/3NREMKOZNH6Q5KMUFTPD66YAXUP6DIC4/ >>>> Code of Conduct: https://www.python.org/psf/codeofconduct/ >>>> >>> -- >>> --Guido (mobile) >>> _______________________________________________ >>> python-committers mailing list -- python-committers@python.org >>> To unsubscribe send an email to python-committers-le...@python.org >>> https://mail.python.org/mailman3/lists/python-committers.python.org/ >>> Message archived at >>> https://mail.python.org/archives/list/python-committers@python.org/message/F6YDV3LBHIHORFMEGVIIFCYKZS7M4GET/ >>> Code of Conduct: https://www.python.org/psf/codeofconduct/ >>> >> > > -- > --Guido van Rossum (python.org/~guido) > *Pronouns: he/him **(why is my pronoun here?)* > <http://feministing.com/2015/02/03/how-using-they-as-a-singular-pronoun-can-change-the-world/> >
_______________________________________________ python-committers mailing list -- python-committers@python.org To unsubscribe send an email to python-committers-le...@python.org https://mail.python.org/mailman3/lists/python-committers.python.org/ Message archived at https://mail.python.org/archives/list/python-committers@python.org/message/VE6ODUMIAKGXDKD6CWHAKEIKCYGWRIEZ/ Code of Conduct: https://www.python.org/psf/codeofconduct/
