dependabot-core
dependabot-core copied to clipboard
dependabot
Dependabot does not update shared action in `.github/actions/*/action.yml`
Is there an existing issue for this?
- [X] I have searched the existing issues
Package ecosystem
github-actions
Package manager version
No response
Language version
No response
Manifest location and content before the Dependabot update
No response
dependabot.yml content
version: 2
updates:
- package-ecosystem: github-actions
directory: '/'
schedule:
interval: weekly
- package-ecosystem: pnpm
directory: '/'
schedule:
interval: daily
security-updates-only: true
- package-ecosystem: docker
directory: '/'
schedule:
interval: weekly
Updated dependency
No response
What you expected to see, versus what you actually saw
https://github.com/hplush/slowreader/pull/216
Dependabot updated pnpm/action-setup in .github/workflows/preview-prepare.yml and .github/workflows/proxy.yml , but missed .github/actions/init-node/action.yml used in other workflows
Native package manager behavior
No response
Images of the diff or a link to the PR, issue, or logs
No response
Smallest manifest that reproduces the issue
No response
Not sure if that's a actually a bug, but we faced the same issue and fixed it by simply setting the path to the shared workflows directly like so: https://github.com/wasmCloud/wasmCloud/blob/790cb148e088301656e8482a5a9b44fcf774f1c6/.github/dependabot.yml#L43-L50
