Skip to content

Dependabot does not scan for versions in versions.properties #3782

Closed
Closed
Dependabot does not scan for versions in versions.properties#3782
#16284 (+2)
Labels
CICI relatedcicdenhancementEnhancement or improvement to existing feature or requestfeatureNew feature or requestv2.19.0Issues and PRs related to version 2.19.0v3.0.0Issues and PRs related to version 3.0.0
@saratvemulapalli

Description

@saratvemulapalli
saratvemulapalli
opened on Jul 5, 2022

Is your feature request related to a problem? Please describe.
Coming from: #3772 (comment)
Dependabot does a great job of automatically upgrading dependent libraries while checking CVE databases.

For OpenSearch we use versions.properties[1] as a version catalog for all gradle projects within the repository.
Dependabot workflow does not support scanning through this catalog file of versions.

Describe the solution you'd like
Dependabot support for dependencies listed in versions.properties.

[1] https://github.com/opensearch-project/OpenSearch/blob/main/buildSrc/version.properties

Metadata

Metadata

Assignees

No one assigned

    Labels

    CICI relatedcicdenhancementEnhancement or improvement to existing feature or requestfeatureNew feature or requestv2.19.0Issues and PRs related to version 2.19.0v3.0.0Issues and PRs related to version 3.0.0

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions