dependabot-core
dependabot-core copied to clipboard
dependabot
Private Org with Private Nuget Registry error NU1301: Failed to retrieve information
Is there an existing issue for this?
- [X] I have searched the existing issues
Package ecosystem
nuget
Package manager version
No response
Language version
.NET C#
Manifest location and content before the Dependabot update
No response
dependabot.yml content
version: 2 registries: PrivateOrgGitHub: type: nuget-feed url: https://nuget.pkg.github.com/A-PRIVATE-ORG username: [email protected] password: ${{ secrets.PACKAGE_ACCESS_TOKEN }} nuget.org: type: nuget-feed url: https://api.nuget.org updates:
- package-ecosystem: "nuget"
directory: "/"
schedule:
interval: "daily"
allow:
- dependency-name: "sts*" registries:
- PrivateOrgGitHub
- nuget.org
Updated dependency
Expected package STS to go from 3.0.16 to 3.0.18
What you expected to see, versus what you actually saw
After this issue was closed: https://github.com/dependabot/dependabot-core/issues/8837#event-11591103952 which was impacting trying to get private registry nuget feeds working. We now see another error with dependabot updates.
Seeing errors indicated trying to retrieve information about the private package like this:
updater | /tmp/package-dependency-resolution_XdezTk/Project.csproj : error NU1301: Failed to retrieve information about 'STS' from remote source 'https://nuget.pkg.github.com/A-PRIVATE-ORG/FindPackagesById()?id='STS'&semVerLevel=2.0.0'.
Attaching log:
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response
I faced a similar issue and I workaround by using packagesourcecredentials with environment variable in nuget.config file.
https://learn.microsoft.com/en-us/nuget/reference/nuget-config-file#packagesourcecredentials
Accessing private NuGet feeds has had some big improvements recently, is this still happening?
