dependabot-core icon indicating copy to clipboard operation
dependabot-core copied to clipboard

Published 20 hours ago • verified publisher icon dependabot

Dependabot modifying dependency URLs causes Git clone error after upgrading to PNPM 9.4.0

Open CaoMeiYouRen opened this issue 7 months ago • 11 comments

Hi , I noticed that after upgrading to PNPM 9.4.0, Dependabot is modifying the dependency URLs from https://codeload.github.com/ to git+https://[email protected], which is causing the following error:

ERROR  Command failed with exit code 128: /usr/bin/git clone [email protected]:CaoMeiYouRen/rss-parser.git /home/runner/setup-pnpm/node_modules/.bin/store/v3/tmp/_tmp_1835_81cad7a39cafa01315f02c3d60683486

CaoMeiYouRen/rss-impact-server/pull/178

This seems to be related to the way PNPM handles Git dependencies. I would like to know if it is related to this change

Originally posted by @CaoMeiYouRen in https://github.com/dependabot/dependabot-core/issues/10073#issuecomment-2200627853

CaoMeiYouRen avatar Jul 02 '24 01:07 CaoMeiYouRen