Rhys Koedijk

Could somebody still facing this issue do an update using v1.38.1 with "Enable system diagnostics" selected on the pipeline run? This version should dump more info about the failed push...

@DaleMckeown thanks, that log is very helpful. It looks like on the 2nd update, the local git repo is not being reset correctly. It is likely that this issue was...

Yes

Ah sorry, you'll need the DevOps access token input set too, e.g: ```yaml - task: dependabot@2 inputs: targetRepositoryName: '$(Build.Repository.Name)' azureDevOpsAccessToken: '$(System.AccessToken)' # or whatever access token you normally use for...

@bhiggins14 you probably need to replace `token: PAT:${{ variables.ADO_PAT }}` with `token: PAT:${{ADO_PAT}}`; You can only reference environment variables. See the purple tips in [configuring private feeds and registries](https://github.com/tinglesoftware/dependabot-azure-devops?tab=readme-ov-file#configuring-private-feeds-and-registries).

Given that no errors are logged to console, it could just be a general performance issue during NuGet discovery rather than a specific bug in the update process. v1.25 was...

@eli-gc thanks for the report. Are you able to upload a minimal reproduction repo for this? or attach a copy of your `packages.json` and `yarn.lock` so that we can reproduce...

> Let me check if I can post those If it helps, I really only need the `dependencies` section of your `package.json` and `yarn.lock`; This should be enough to reproduce...

Just an update on this, I haven't managed to reproduce the issue yet, but do want to mention that there are known issues reported in dependabot-core around NPM updates stalling...

@epicstar Dependabot does not have a timeout, the pipeline does. You need to configure the timeout on the pipeline, there are some limitations if you are not using paid agents....