Vulnerability PR ignores package rules #30649
Unanswered
daniluk4000
asked this question in
Request Help
Replies: 1 comment 2 replies
-
|
Vulnerability updates use allowedVersions themselves so this is behaving as designed. If there are no v2 updates anticipated then you could disable that dependency |
Beta Was this translation helpful? Give feedback.
2 replies
-
|
Sorry, how? Can't find anything in docs for that |
Beta Was this translation helpful? Give feedback.
-
|
Set enabled=false |
Beta Was this translation helpful? Give feedback.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
What would you like help with?
I think I found a bug
How are you running Renovate?
Mend Renovate hosted app on github.com
If you're self-hosting Renovate, tell us which platform (GitHub, GitLab, etc) and which version of Renovate.
Github
Please tell us more about your question or problem
yandex-maps-unofficial/vue-yandex-maps#354
https://github.com/yandex-maps-unofficial/vue-yandex-maps/blob/master/.github/renovate.json5#L15
We have a rule that should not update Nuxt 2 package, but security update still does that.
In my point of view, this could be a bug, because I can't find anything in config that we are doing wrong.
Thanks!
Logs (if relevant)
No response
Beta Was this translation helpful? Give feedback.
All reactions