Dependabot is spamming pull requests on my repos #10638
Labels
Comments
|
@jmax01 that issue does not appear to mention bulk opening and closing of MRs? Unless I am misunderstanding something here..? This appears to be part of their new bulk grouping mechanism for security updates. |
You are correct I was sloppy. It should have been a question. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Package ecosystem
maven
Package manager version
3.9.10
Language version
11
Manifest location and content before the Dependabot update
No response
dependabot.yml content
No response
Updated dependency
No response
What you expected to see, versus what you actually saw
I have just received over a dozen PRs being raised and immediately closed on my repository. Seems the bot just reraises the same PR with each new project it affects, and then closes previous PRs, which is extremely spammy.
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
ascopes/protobuf-maven-plugin#389
ascopes/protobuf-maven-plugin#388
ascopes/protobuf-maven-plugin#387
ascopes/protobuf-maven-plugin#374
ascopes/protobuf-maven-plugin#375
ascopes/protobuf-maven-plugin#376
ascopes/protobuf-maven-plugin#377
ascopes/protobuf-maven-plugin#378
ascopes/protobuf-maven-plugin#379
ascopes/protobuf-maven-plugin#380
ascopes/protobuf-maven-plugin#381
ascopes/protobuf-maven-plugin#382
ascopes/protobuf-maven-plugin#383
ascopes/protobuf-maven-plugin#384
ascopes/protobuf-maven-plugin#385
ascopes/protobuf-maven-plugin#386
ascopes/protobuf-maven-plugin#387
Smallest manifest that reproduces the issue
No response
The text was updated successfully, but these errors were encountered: