Dependency ecosystems not correctly detected #29
Labels
bug
Something isn't working
keep
do not mark as stale
ready-for-work
Issue is defined enough to begin implementation
The logic to detect whether to configure package updates for most ecosystems, except for GitHub Actions and Terraform only appears to consider files in the root of the repository.
I found this after testing the action out on a .NET repository where the
.csproj
files are in subdirectories within the repository. The action generated adependabot.yml
file that only specified GitHub Actions updates.Each file tested for should recurse through the repository to try and files (maybe within a configurable depth limit to reduce impact on rate limits) so that the generated file is a more accurate reflection of what should be configured.
The text was updated successfully, but these errors were encountered: