Why dependabot not support `widen` even though the docs stated it #10677

Answered by jonjanego

kiraware asked this question in Q&A

kiraware
Sep 26, 2024

As the docs inform https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy, there is widen in versioning-strategy. But why it says error like this The property '#/updates/0/versioning-strategy' value "widen" did not match one of the following values: lockfile-only, auto, increase, increase-if-necessary. I use Python Poetry as dependency manager.

This is my dependabot.yml

version: 2
updates:
  - package-ecosystem: "pip"
    directory: "/"
    schedule:
      interval: "monthly"
    groups:
      dependencies:
        patterns:
          - "*"
    versioning-strategy: widen

Answered by jonjanego

Hi @kiraware - please see https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy which details which versioning strategies are supported in which ecosystems. At this time, widen is not supported for pip.

View full answer

Replies: 1 comment 1 reply

jonjanego
Sep 26, 2024
Maintainer

Hi @kiraware - please see https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy which details which versioning strategies are supported in which ecosystems. At this time, widen is not supported for pip.

1 reply

kiraware Sep 27, 2024
Author

Ah, as I expected, pip doesn't support widen versioning strategy yet. Thanks for your answer.

Answer selected by kiraware

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment