Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rights access issue on private dependency #1811

Closed
laurieplo opened this issue Apr 20, 2020 · 1 comment
Closed

Rights access issue on private dependency #1811

laurieplo opened this issue Apr 20, 2020 · 1 comment
Labels
F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. L: php:composer Issues and code for Composer T: bug 🐞 Something isn't working

Comments

@laurieplo
Copy link

I have this error message since 0.112.0 that was not there before. It is on a composer private repository dependency.

/usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_metadata_fetcher.rb:57:in `fetch_upload_pack_for': The following git URLs could not be retrieved: XXX (Dependabot::GitDependenciesNotReachable)
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_metadata_fetcher.rb:16:in `upload_pack'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_metadata_fetcher.rb:114:in `parse_refs_for_upload_pack'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_metadata_fetcher.rb:108:in `refs_for_upload_pack'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_metadata_fetcher.rb:41:in `head_commit_for_ref'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/git_commit_checker.rb:83:in `head_commit_for_current_branch'
 	from /usr/local/bundle/gems/dependabot-composer-0.113.28/lib/dependabot/composer/update_checker.rb:148:in `latest_version_for_git_dependency'
 	from /usr/local/bundle/gems/dependabot-composer-0.113.28/lib/dependabot/composer/update_checker.rb:18:in `latest_version'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/update_checkers/base.rb:187:in `sha1_version_up_to_date?'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/update_checkers/base.rb:163:in `version_up_to_date?'
 	from /usr/local/bundle/gems/dependabot-common-0.113.28/lib/dependabot/update_checkers/base.rb:27:in `up_to_date?'
 	from main.rb:111:in `block in <main>'
 	from main.rb:101:in `each'
 	from main.rb:101:in `<main>'
`
``
@mattt mattt added F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. L: php:composer Issues and code for Composer T: bug 🐞 Something isn't working labels Dec 13, 2021
@jeffwidman
Copy link
Member

This is an ancient ticket, from before Dependabot ran on GitHub native... so our code and security access patterns/authorization requirements have changed a lot since then. So I'm going to close.

If this is still an issue please comment and we can re-open.

Possibly related:

@jeffwidman jeffwidman closed this as not planned Won't fix, can't repro, duplicate, stale Nov 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
F: private-registries 💂‍♂️ Issues about using private registries with Dependabot; may be paired with an R: label. L: php:composer Issues and code for Composer T: bug 🐞 Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@mattt @jeffwidman @laurieplo