You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What you expected to see, versus what you actually saw
Dependabot PR's embed the changelog of the updated dependency in its PR body.
These changelogs often include text in the form of:
go: duplicate conversion functions when parent structs have the same base name (#2697) (52bd510), closes https://github.com/aws/jsii/issues/2632
This creates a closing relationship between the dependabot PR and the issue mentioned in the changelog.
This creates clutter and confusion, as the dependabot PR most certainly does not resolve the issue it mentions.
In addition, if the PR is approved/merged by a user that has permissions to both repositories, merging the dependabot PR will actually close the mentioned issue, which is not intended.
Images of the diff or a link to the PR, issue or logs
You can also see the amount of links created to this issue due to dependabot PR's in unrelated repositories.
I would expect dependabot PR's to not create any implicit links to other issues, and this indeed doesn't seem intentional, but rather a consequence of GitHub functionality.
The text was updated successfully, but these errors were encountered:
Package manager/ecosystem
ALL
Manifest contents prior to update
Not Applicable
Updated dependency
Any
What you expected to see, versus what you actually saw
Dependabot PR's embed the changelog of the updated dependency in its PR body.
These changelogs often include text in the form of:
This creates a closing relationship between the dependabot PR and the issue mentioned in the changelog.
This creates clutter and confusion, as the dependabot PR most certainly does not resolve the issue it mentions.
In addition, if the PR is approved/merged by a user that has permissions to both repositories, merging the dependabot PR will actually close the mentioned issue, which is not intended.
Images of the diff or a link to the PR, issue or logs
For example, the following dependabot PR in the
aws-delivlib-sample
repository, closed an issue in thejsii
repository.You can also see the amount of links created to this issue due to dependabot PR's in unrelated repositories.
I would expect dependabot PR's to not create any implicit links to other issues, and this indeed doesn't seem intentional, but rather a consequence of GitHub functionality.
The text was updated successfully, but these errors were encountered: