-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
NuGet update_not_possible
for group update
#10834
Comments
Good catch, and thank you for the log. I think the interesting line is this:
but we'll have to investigate a bit to see exactly what that means. |
@brettfo I'm hitting this issue in a lot in my projects that use groups so decided to look in to it a bit more. 2024/10/27 01:25:40 INFO Updating Microsoft.Extensions.DependencyInjection from 8.0.0 to 8.0.1
<!-- FILE BEFORE UPDATE -->
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
</ItemGroup>
</Project>
running NuGet updater:
/opt/nuget/NuGetUpdater/NuGetUpdater.Cli update --repo-root /home/dependabot/dependabot-updater/repo --solution-or-project /home/dependabot/dependabot-updater/repo/Project.csproj --dependency Microsoft.Extensions.DependencyInjection --new-version 8.0.1 --previous-version 8.0.0 --result-output-path /tmp/update-result.json
<!-- ...snip... -->
2024/10/27 01:25:50 INFO update result: {
"ErrorType": null,
"ErrorDetails": null
}
<!-- FILE AFTER UPDATE -->
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
</ItemGroup>
</Project>
The contents of file [Project.csproj] were updated.
<!--
OK so far;
Microsoft.Extensions.DependencyInjection 8.0.0 -> 8.0.1
-->
2024/10/27 01:26:01 INFO Updating Microsoft.Extensions.Logging, Microsoft.Extensions.DependencyInjection, Microsoft.Extensions.Logging.Abstractions
<!-- FILE BEFORE UPDATE -->
Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.0" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.1" />
</ItemGroup>
</Project>
running NuGet updater:
/opt/nuget/NuGetUpdater/NuGetUpdater.Cli update --repo-root /home/dependabot/dependabot-updater/repo --solution-or-project /home/dependabot/dependabot-updater/repo/Project.csproj --dependency Microsoft.Extensions.Logging --new-version 8.0.1 --previous-version 8.0.0 --result-output-path /tmp/update-result.json
<!-- ...snip... -->
2024/10/27 01:26:08 INFO update result: {
"ErrorType": null,
"ErrorDetails": null
}
<!-- FILE AFTER UPDATE -->
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.2" />
</ItemGroup>
</Project>
The contents of file [Project.csproj] were updated
<!--
OK so far;
Microsoft.Extensions.Logging 8.0.0 -> 8.0.1
Microsoft.Extensions.Logging.Abstractions 8.0.1 -> 8.0.2 (this was forced by Microsoft.Extensions.Logging 8.0.1)
-->
2024/10/27 01:26:08 INFO Updating Microsoft.Extensions.Logging.Abstractions from 8.0.1 to 8.0.2
<!--
Arguably, `file_updater.rb` should have skipped this update since the dependency was updated by the
previous dependency. However, it currently has no way of knowing this since it doesn't track individual
dependencies changed by the updater, only that "something was changed".
-->
<!-- FILE BEFORE UPDATE -->
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.2" />
</ItemGroup>
</Project>
running NuGet updater:
/opt/nuget/NuGetUpdater/NuGetUpdater.Cli update --repo-root /home/dependabot/dependabot-updater/repo --solution-or-project /home/dependabot/dependabot-updater/repo/Project.csproj --dependency Microsoft.Extensions.Logging.Abstractions --new-version 8.0.2 --previous-version 8.0.1 --result-output-path /tmp/update-result.json
<!-- ...snip... -->
2024/10/27 01:26:10 INFO update result: {
"ErrorType": null,
"ErrorDetails": null
}
<!-- FILE AFTER UPDATE -->
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net8.0</TargetFrameworks>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Microsoft.Extensions.DependencyInjection" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging" Version="8.0.1" />
<PackageReference Include="Microsoft.Extensions.Logging.Abstractions" Version="8.0.2" />
</ItemGroup>
</Project>
<!--
NuGetUpdater behaves correctly here;
Microsoft.Extensions.Logging.Abstractions is up to date, no files were changed, no error reported.
However, `file_updater.rb` see that no files where changed by NuGetUpdater and assumes that the
update failed, which it didn't.
-->
2024/10/27 01:26:10 INFO Handled error whilst updating Microsoft.Extensions.Logging.Abstractions: update_not_possible {:dependencies=>["Microsoft.Extensions.Logging.Abstractions"]}
<!-- ...snip... -->
2024/10/27 01:26:18 INFO Results:
+------------------------------------------------------------------------------------------------------------------------------------+
| Changes to Dependabot Pull Requests |
+---------+--------------------------------------------------------------------------------------------------------------------------+
| created | Microsoft.Extensions.DependencyInjection ( from 8.0.0 to 8.0.1 ), Microsoft.Extensions.Logging ( from 8.0.0 to 8.0.1 ... |
+---------+--------------------------------------------------------------------------------------------------------------------------+
Dependabot encountered '1' error(s) during execution, please check the logs for more details.
+-----------------------------------------------------------------+
| Dependencies failed to update |
+-------------------------------------------+---------------------+
| Microsoft.Extensions.Logging.Abstractions | update_not_possible |
+-------------------------------------------+---------------------+ I'm interested in fixing this, but there are multiple ways to solve it and I don't know if the responsibility lies in the Ruby code or the NuGet code. AFAIK, the Ruby code does not have enough information about sub-dependency relationships to make the decision; NuGetUpdater does have this information, but has no way to communicate back to the Ruby code that multiple dependencies were changed as a result of single dependency update command. I briefly experimented with making the The only other way I could think to fix this is that the "nothing was changed, update_not_possible" logic would have to be removed to allow for this scenario. Maybe this check should instead rely on the return code of NuGetUpdater to decide if the update failed or not rather than inspecting the contents of the dependency files. I'm assuming this "empty check" exists to protect against other scenarios, so I'm hesitant in trying to remove it. If you have a preference on how this should be fixed, I'd be happy to give it a try. |
Hi, I also use the mentioned extention from Tingle Software for scanning our Repos in Azure DevOps. One project with .NET 8 works fine, but with the second project (.NET 6) I can run the pipeline and it exits with errors, but PRs for the direct used packages (System.Text.Json and Microsoft.AspNetCore.Components) could be created. The others lead to the errors:
The warnings are always for "transitive dependencies". But there are also NETSDK1100 errors in the log?
Has this the same root cause or is this another issue? Thanks, |
@mikeKuester This looks like it's probably a separate issue. Could you file a new issue with your log files? |
Is there an existing issue for this?
This is similar to #10744, but different in that it is not related to dependency conflicts.
Original issue was reported in tinglesoftware/dependabot-azure-devops#1422.
Package ecosystem
NuGet
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
dependabot.yml content
Updated dependency
What you expected to see, versus what you actually saw
I expect the a pull request with three dependency updates; no errors.
What I actually see is a pull request with three dependency updates, but also an
update_not_possible
error that causes the update to fail. Because of the error, Dependabot does not outputcreate_pull_request
.I made a change to Dependabot CLI so that it would output the
create_pull_request
info in dependabot/cli#376 and what I can see is that it is actually creating the pull request with the expected dependency updates, it just also throws this error; Despite what the error says,Microsoft.Extensions.Logging.Abstractions
is actually updated.Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
Dependabot CLI log output
Smallest manifest that reproduces the issue
https://github.com/rhyskoedijk/dependabot-test-nuget-update-not-possible
dependabot update -f job.yml -o out.yml
The text was updated successfully, but these errors were encountered: