Fix nuget.config not using correct credentials during NuGet updates of .NET Framework projects #1248
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
@mburumaxwell this might be a controversial change (overriding dependabot-core code), but I'm putting it up anyway since it does solve #1243 and a few other scenarios I found while testing .NET Framework projects. This fix probably belongs in dependabot-core, but it would take a while for it to be accepted there. So I'm thinking add it here first, get some user feedback that we've fixed various auth issues, then I'll submit a PR to dependabot-core with these fixes and see what they're willing to accept. The changes here are very easy to delete if they get resolved in dependabot-core in the future. thoughts? |
1 task
added 3 commits
July 26, 2024 18:38
1 task
Indeed! I wish, pray, hope this can be done in core. Will accept now. |
kzhuklinets
added a commit
to kirillcoso/dependabot-azure-devops
that referenced
this pull request
Aug 13, 2024
* Bump the event-bus group with 2 updates (tinglesoftware#1156) Bumps the event-bus group with 2 updates: [Tingle.EventBus.Transports.Azure.ServiceBus](https://github.com/tinglesoftware/eventbus) and [Tingle.EventBus.Transports.InMemory](https://github.com/tinglesoftware/eventbus). Updates `Tingle.EventBus.Transports.Azure.ServiceBus` from 0.21.2 to 0.22.0 - [Release notes](https://github.com/tinglesoftware/eventbus/releases) - [Commits](tinglesoftware/eventbus@0.21.2...0.22.0) Updates `Tingle.EventBus.Transports.InMemory` from 0.21.2 to 0.22.0 - [Release notes](https://github.com/tinglesoftware/eventbus/releases) - [Commits](tinglesoftware/eventbus@0.21.2...0.22.0) --- updated-dependencies: - dependency-name: Tingle.EventBus.Transports.Azure.ServiceBus dependency-type: direct:production update-type: version-update:semver-minor dependency-group: event-bus - dependency-name: Tingle.EventBus.Transports.InMemory dependency-type: direct:production update-type: version-update:semver-minor dependency-group: event-bus ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Change updates time from 04:00 to 02:00 to be consistent with our other repositories and hence ease management * Bump the tingle group with 3 updates (tinglesoftware#1157) * Import constants for requirements_update_strategy (tinglesoftware#1159) * Bump rubocop-performance in /updater in the rubocop group (tinglesoftware#1165) * Bump ts-jest from 29.1.4 to 29.1.5 in /extension in the jest group (tinglesoftware#1164) * Bump YamlDotNet from 15.1.6 to 15.3.0 (tinglesoftware#1163) * Bump the azure group with 2 updates (tinglesoftware#1162) * Bump dependabot-omnibus from 0.260.0 to 0.261.0 in /updater (tinglesoftware#1166) * Regenerate lock file which fixes vulnerabilities * Set packageManager in package.json * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1172) * Bump Azure.Identity from 1.11.4 to 1.12.0 in the azure group (tinglesoftware#1176) * Bump turbo_tests from 2.2.3 to 2.2.4 in /updater (tinglesoftware#1168) * Create groups for sentry and opentelemetry updates * Bump the opentelemetry group in /updater with 4 updates (tinglesoftware#1177) Bumps the opentelemetry group in /updater with 4 updates: [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-ruby), [opentelemetry-instrumentation-excon](https://github.com/open-telemetry/opentelemetry-ruby-contrib), [opentelemetry-instrumentation-faraday](https://github.com/open-telemetry/opentelemetry-ruby-contrib) and [opentelemetry-instrumentation-net_http](https://github.com/open-telemetry/opentelemetry-ruby-contrib). Updates `opentelemetry-exporter-otlp` from 0.27.0 to 0.28.0 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby/blob/main/exporter/otlp/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby@opentelemetry-exporter-otlp/v0.27.0...opentelemetry-exporter-otlp/v0.28.0) Updates `opentelemetry-instrumentation-excon` from 0.22.2 to 0.22.3 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/excon/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-excon/v0.22.2...opentelemetry-instrumentation-excon/v0.22.3) Updates `opentelemetry-instrumentation-faraday` from 0.24.3 to 0.24.5 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/faraday/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-faraday/v0.24.3...opentelemetry-instrumentation-faraday/v0.24.5) Updates `opentelemetry-instrumentation-net_http` from 0.22.5 to 0.22.6 - [Release notes](https://github.com/open-telemetry/opentelemetry-ruby-contrib/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-ruby-contrib/blob/main/instrumentation/net_http/CHANGELOG.md) - [Commits](open-telemetry/opentelemetry-ruby-contrib@opentelemetry-instrumentation-net_http/v0.22.5...opentelemetry-instrumentation-net_http/v0.22.6) --- updated-dependencies: - dependency-name: opentelemetry-exporter-otlp dependency-type: direct:production update-type: version-update:semver-minor dependency-group: opentelemetry - dependency-name: opentelemetry-instrumentation-excon dependency-type: direct:production update-type: version-update:semver-patch dependency-group: opentelemetry - dependency-name: opentelemetry-instrumentation-faraday dependency-type: direct:production update-type: version-update:semver-patch dependency-group: opentelemetry - dependency-name: opentelemetry-instrumentation-net_http dependency-type: direct:production update-type: version-update:semver-patch dependency-group: opentelemetry ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump typescript from 5.4.5 to 5.5.2 in /extension (tinglesoftware#1173) * Bump typescript from 5.4.5 to 5.5.2 in /extension Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.5 to 5.5.2. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.4.5...v5.5.2) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * Update target ESLINT --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Maxwell Weru <[email protected]> * Bump dependabot-omnibus from 0.261.0 to 0.262.0 in /updater (tinglesoftware#1170) Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.261.0 to 0.262.0. - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](dependabot/dependabot-core@v0.261.0...v0.262.0) --- updated-dependencies: - dependency-name: dependabot-omnibus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Remove codeql workflows so that we can leverage the automatic setup * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1179) * Bump the tingle group with 3 updates (tinglesoftware#1182) * Bump Microsoft.VisualStudio.Azure.Containers.Tools.Targets (tinglesoftware#1183) * Bump Microsoft.FeatureManagement.AspNetCore in the microsoft group (tinglesoftware#1181) * Bump Azure.ResourceManager.AppContainers in the azure group (tinglesoftware#1180) * Bump the sentry group in /updater with 2 updates (tinglesoftware#1184) * Bump dependabot-omnibus from 0.262.0 to 0.263.0 in /updater (tinglesoftware#1185) * Fix missing module name (tinglesoftware#1187) * Reorganise code in to lib folder; seperate dependabot code from tinglesoftware code using unique module names (tinglesoftware#1188) * Add developer guide documentation; ignore extension build artifacts (tinglesoftware#1189) * Bump the sentry group in /updater with 2 updates (tinglesoftware#1193) * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1195) * Bump typescript from 5.5.2 to 5.5.3 in /extension (tinglesoftware#1196) * Bump dependabot-omnibus from 0.263.0 to 0.264.0 (tinglesoftware#1191) * Use correct version of dependabot-updater base image when running the 'updater' workflow (tinglesoftware#1192) * Fix module name (tinglesoftware#1199) * Use latest dependabot updater code; Remove scripts from `updater/bin` that don't work (tinglesoftware#1197) * Add some more debug statements, and validate data length before reading result (tinglesoftware#1200) * Changes to `.rubocop*.yml`, `.ruby-version`, and `Rakefile` should trigger the updater workflow * Update update-files.ps1 and related files (tinglesoftware#1202) * Enable sorbet and update files (tinglesoftware#1203) * Bump dependabot-omnibus from 0.264.0 to 0.265.0 in /updater (tinglesoftware#1205) Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.264.0 to 0.265.0. - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](dependabot/dependabot-core@v0.264.0...v0.265.0) --- updated-dependencies: - dependency-name: dependabot-omnibus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * If allow condition "dependency-name" is nil, use "*"; Use wildcard matching instead of regex matching (tinglesoftware#1208) * Bump the xunit group with 2 updates (tinglesoftware#1212) * Bump the microsoft group with 8 updates (tinglesoftware#1211) * Bump ts-jest from 29.1.5 to 29.2.2 in /extension in the jest group (tinglesoftware#1215) * Bump dotnet-ef from 8.0.6 to 8.0.7 (tinglesoftware#1214) * Fix allow condition logic (tinglesoftware#1209) * Add missing early return statement * Bump YamlDotNet from 15.3.0 to 16.0.0 (tinglesoftware#1213) Bumps YamlDotNet from 15.3.0 to 16.0.0. --- updated-dependencies: - dependency-name: YamlDotNet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * New "vNext" update script using dependabot-core updater; aligns update behaviour more closely with the GitHub Dependabot service (tinglesoftware#1186) * DevOps extension task new updater commands and options (tinglesoftware#1216) * Bump dependabot-omnibus from 0.265.0 to 0.266.0 in /updater (tinglesoftware#1218) Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.265.0 to 0.266.0. - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](dependabot/dependabot-core@v0.265.0...v0.266.0) --- updated-dependencies: - dependency-name: dependabot-omnibus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Fix error when attempting to update a pre-1.30 pull request using the new vNext script (tinglesoftware#1219) * Fix PRs being incorrectly abandoned when using multiple package ecosystems (tinglesoftware#1221) * Bump the tingle group with 3 updates (tinglesoftware#1229) * Bump Azure.Messaging.ServiceBus from 7.17.5 to 7.18.0 in the azure group (tinglesoftware#1226) * Bump the event-bus group with 2 updates (tinglesoftware#1227) * Bump ts-jest from 29.2.2 to 29.2.3 in /extension in the jest group (tinglesoftware#1224) * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1225) * Update groups * Log updated file diffs when 'skip pull requests' and 'debug' options are true (tinglesoftware#1230) * Fix for group PRs being closed on refresh when nothing has changed (tinglesoftware#1222) * Bump Microsoft.FeatureManagement.AspNetCore (tinglesoftware#1231) * Fix logging error when creating new PR and the open PR limit has been reached (tinglesoftware#1223) * Automatically install the Azure Artifacts Credential Provider if DevOps NuGet feeds are configured (tinglesoftware#1233) * Bump the sentry group in /updater with 2 updates (tinglesoftware#1235) Bumps the sentry group in /updater with 2 updates: [sentry-opentelemetry](https://github.com/getsentry/sentry-ruby) and [sentry-ruby](https://github.com/getsentry/sentry-ruby). Updates `sentry-opentelemetry` from 5.18.1 to 5.18.2 - [Release notes](https://github.com/getsentry/sentry-ruby/releases) - [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-ruby@5.18.1...5.18.2) Updates `sentry-ruby` from 5.18.1 to 5.18.2 - [Release notes](https://github.com/getsentry/sentry-ruby/releases) - [Changelog](https://github.com/getsentry/sentry-ruby/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-ruby@5.18.1...5.18.2) --- updated-dependencies: - dependency-name: sentry-opentelemetry dependency-type: direct:production update-type: version-update:semver-patch dependency-group: sentry - dependency-name: sentry-ruby dependency-type: direct:production update-type: version-update:semver-patch dependency-group: sentry ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Sync files for updater version 0.266.0 (tinglesoftware#1236) Follow up to tinglesoftware#1235 * Regenerate Gemfile.lock * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1237) Bumps the js-ts-types group in /extension with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 20.14.11 to 20.14.12 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-type: direct:development update-type: version-update:semver-patch dependency-group: js-ts-types ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump typescript from 5.5.3 to 5.5.4 in /extension (tinglesoftware#1239) Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.3 to 5.5.4. - [Release notes](https://github.com/Microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](microsoft/TypeScript@v5.5.3...v5.5.4) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump gittools/actions from 1 to 2 (tinglesoftware#1238) Bumps [gittools/actions](https://github.com/gittools/actions) from 1 to 2. - [Release notes](https://github.com/gittools/actions/releases) - [Commits](GitTools/actions@v1...v2) --- updated-dependencies: - dependency-name: gittools/actions dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump Microsoft.Azure.AppConfiguration.AspNetCore in the azure group (tinglesoftware#1240) Bumps the azure group with 1 update: [Microsoft.Azure.AppConfiguration.AspNetCore](https://github.com/Azure/Azconfig-DotnetProvider). Updates `Microsoft.Azure.AppConfiguration.AspNetCore` from 7.2.0 to 7.3.0 - [Release notes](https://github.com/Azure/Azconfig-DotnetProvider/releases) - [Commits](Azure/AppConfiguration-DotnetProvider@7.2.0...7.3.0) --- updated-dependencies: - dependency-name: Microsoft.Azure.AppConfiguration.AspNetCore dependency-type: direct:production update-type: version-update:semver-minor dependency-group: azure ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * NuGet feed auth support for Azure DevOps, Azure DevOps Server, and third-party NuGet servers (tinglesoftware#1241) * Add `helpUrl` and `releaseNotes` to the extension task. * Remove unused `useConfigFile` input (tinglesoftware#1244) * Reference discussion for permission in bug report template * Remove docker demand and rely on `tl.which` (tinglesoftware#1246) This should allow private agents with non-standard discovery. * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1250) * Bump dependabot-omnibus from 0.266.0 to 0.267.0 in /updater (tinglesoftware#1252) * Bump the opentelemetry group in /updater with 6 updates (tinglesoftware#1249) * Fix nuget.config not using correct credentials during NuGet updates of .NET Framework projects (tinglesoftware#1248) * Sync files for updater version 0.267.0 * Enable opentelemetry in `updater_script_vnext` (tinglesoftware#1254) This is the first step towards adding telemetry to the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has. * Enable sentry in `updater_script_vnext` (tinglesoftware#1255) This is the second step towards monitoring the updater. Useful in debugging of issues and general analytics. It follows what the GitHub hosted version has. OpenTelemetry was setup in tinglesoftware#1254. Next step is to connect the error handler. * Update update_script.rb * Backport NuGet auth fix to `update_script`; Prevent NuGet leaking passwords in logs (tinglesoftware#1256) * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Bump axios from 1.7.2 to 1.7.3 in /extension (tinglesoftware#1264) * Bump @types/node in /extension in the js-ts-types group (tinglesoftware#1262) * Bump ts-jest from 29.2.3 to 29.2.4 in /extension in the jest group (tinglesoftware#1261) * Bump azure-pipelines-task-lib from 4.13.0 to 4.15.0 in /extension (tinglesoftware#1263) * Bump Azure.Messaging.ServiceBus from 7.18.0 to 7.18.1 in the azure group (tinglesoftware#1258) * Bump dependabot-omnibus from 0.267.0 to 0.268.0 in /updater (tinglesoftware#1259) Bumps [dependabot-omnibus](https://github.com/dependabot/dependabot-core) from 0.267.0 to 0.268.0. - [Release notes](https://github.com/dependabot/dependabot-core/releases) - [Changelog](https://github.com/dependabot/dependabot-core/blob/main/CHANGELOG_ARCHIVE_2019_TO_SWITCH_TO_GITHUB_RELEASES.md) - [Commits](dependabot/dependabot-core@v0.267.0...v0.268.0) --- updated-dependencies: - dependency-name: dependabot-omnibus dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Regenerate Gemfile.lock * Sync files for updater version 0.268.0 * Update rubocop * Update update_script.rb * Make use of OpenTelemetry in the updater (tinglesoftware#1268) * Update azure.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update azure.rb * Update azure.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update Gemfile * Update update_script.rb * Update Gemfile * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update GitVersion and react to changes (tinglesoftware#1270) * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update updater.yml * revert * Update updater.yml * Update updater.yml * Update updater.yml * Update updater.yml * Update updater.yml * Update updater.yml * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * Update update_script.rb * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * test * testt * test * test * Update GitVersion.yml so that CI artifacts have better naming * test * test * test * test * clean up * clean up --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Maxwell Weru <[email protected]> Co-authored-by: Rhys Koedijk <[email protected]> Co-authored-by: Berend Haan <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What are you trying to accomplish?
Fixes #1243
It should be possible to update dependencies in a .NET Framework project when using:
nuget.configpackage sources and package source mappingsChanges
nuget.configfile.NuGetConfigCredentialHelpers, which overrides the defaultnuget.configproxy code within dependabot-core with better code that handles more auth scenarios (see code comments for more info).