dependabot / fetch-metadata

Extract information about the dependencies being updated by a Dependabot-generated PR.


output directory set to target branch name

hashtagchris opened this issue

I think the output directory is set to /{branch-name} when target-branch is specified in dependabot.yml, a single npm dependency is updated, and that dependency is scoped (has two segments).

dependabot.yml with target branch name: https://github.com/npm/agent/blob/21c19874834fb00c7ab37268b385fb84deb2df04/.github/dependabot.yml

Example Dependabot PR branch names

The first PR updates just @npmcli/template-oss. The second updates multiple dependencies including @npmcli/template-oss.

| PR | Branch name | Branch name segments | outputs.directory |
|---|---|---|---|
| npm/agent#110 | dependabot/npm_and_yarn/main/npmcli/template-oss-4.23.0 | 5 | /main |
| npm/statusboard#877 | dependabot/npm_and_yarn/main/dependency-updates-4de8b5bfcf | 4 | / |

npm/agent output:

Run dependabot/fetch-metadata@v1
Parsing Dependabot metadata
Outputting metadata for 1 updated dependency
  outputs.dependency-names: @npmcli/template-oss
  outputs.dependency-type: direct:development
  outputs.update-type: version-update:semver-minor
  outputs.directory: /main
  outputs.package-ecosystem: npm_and_yarn
  outputs.target-branch: main
  outputs.previous-version: 4.22.0
  outputs.new-version: 4.23.0
  outputs.compatibility-score: 0
  outputs.maintainer-changes: false
  outputs.dependency-group: 
  outputs.alert-state: 
  outputs.ghsa-id: 
  outputs.cvss: 0

npm/statusboard output:

Run dependabot/fetch-metadata@v1
Parsing Dependabot metadata
Outputting metadata for 3 updated dependencies
  outputs.dependency-names: @npmcli/template-oss, @octokit/rest, semver
  outputs.dependency-type: direct:production
  outputs.update-type: version-update:semver-minor
  outputs.directory: /
  outputs.package-ecosystem: npm_and_yarn
  outputs.target-branch: main
  outputs.previous-version: 
  outputs.new-version: 
  outputs.compatibility-score: 0
  outputs.maintainer-changes: false
  outputs.dependency-group: dependency-updates
  outputs.alert-state: 
  outputs.ghsa-id: 
  outputs.cvss: 0

Issue is still present in v2 release, and the main branch:

https://github.com/npm/agent/actions/runs/9976724284/job/27569631669

Run dependabot/fetch-metadata@main
  
Parsing Dependabot metadata
Outputting metadata for 1 updated dependency
  outputs.dependency-names: @npmcli/template-oss
  outputs.dependency-type: direct:development
  outputs.update-type: version-update:semver-minor
  outputs.directory: /main
  outputs.package-ecosystem: npm_and_yarn
  outputs.target-branch: main
  outputs.previous-version: 4.22.0
  outputs.new-version: 4.23.0
  outputs.compatibility-score: 0
  outputs.maintainer-changes: false
  outputs.dependency-group: 
  outputs.alert-state: 
  outputs.ghsa-id: 
  outputs.cvss: 0
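
An added example, not part of the issue thread and not code from dependabot/fetch-metadata: it models a purely positional parse of the branch name that reproduces both `outputs.directory` values in the table above, next to a variant that is told the target branch. The function names, the assumed branch layout and the parsing approach are assumptions made for illustration.

```javascript
// Added example; not code from dependabot/fetch-metadata. Names are hypothetical.
// Assumed layout, inferred from the two branch names in the issue:
//   dependabot/<ecosystem>/[<target-branch>/][<directory>/]<dependency-or-group>

// Positional parse with no knowledge of target-branch: whatever sits between
// the ecosystem and the dependency name is reported as the directory.
function directoryPositional(branchName, firstDependencyName) {
  const chunks = branchName.split('/');
  // A scoped npm name (@scope/pkg) occupies two branch segments.
  const nameSegments = firstDependencyName.split('/').length;
  return '/' + chunks.slice(2, chunks.length - nameSegments).join('/');
}

// Variant that removes the configured target branch before reading the directory.
// nameSegments: trailing segments used by the dependency or group name.
function directoryTargetAware(branchName, nameSegments, targetBranch) {
  const chunks = branchName.split('/').slice(2); // drop "dependabot/<ecosystem>"
  if (targetBranch) {
    const target = targetBranch.split('/');
    if (target.every((seg, i) => chunks[i] === seg)) chunks.splice(0, target.length);
  }
  const end = Math.max(0, chunks.length - nameSegments);
  return '/' + chunks.slice(0, end).join('/');
}

// Branch names and first dependency as reported in the issue.
const rows = [
  { branch: 'dependabot/npm_and_yarn/main/npmcli/template-oss-4.23.0',
    firstDependency: '@npmcli/template-oss', nameSegments: 2 },
  { branch: 'dependabot/npm_and_yarn/main/dependency-updates-4de8b5bfcf',
    firstDependency: '@npmcli/template-oss', nameSegments: 1 },
];

// Run both parses over the rows; target branch "main" is the reported target-branch.
function compareRows(targetBranch = 'main') {
  return rows.map((r) => ({
    branch: r.branch,
    positional: directoryPositional(r.branch, r.firstDependency),
    targetAware: directoryTargetAware(r.branch, r.nameSegments, targetBranch),
  }));
}

console.log(compareRows());
```

A workflow that gates on `outputs.directory` can compare it against the directories declared in its own dependabot.yml before acting on the value.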

I'm sorry, I don't understand the issue as currently described.

What is your desired/expected behavior? And what is the current behavior?