Does Dependabot support bundler 2.6.*'s checksum feature? #11188
Labels
Comments
|
confirming this worked fine. closing it out. |
|
I've enabled checksums in my gemfile last week, and today I've got a PR open where the checksums were not updated. Is there anything that needs to be done for this to work? |
|
Hello @davidgm0 👋 👋 If your lockfile already has a CHECKSUMS section, my expectation would be that Dependabot is able to keep them up to date. Even if Dependabot is not yet using Bundler 2.6 internally (needs #11330), the checksums feature is also present (but hidden) in Bundler 2.5 which Dependabot does use, so in principle I'd expect Dependabot to handle checksums fine. Do you have a public repository where Dependabot did not update checkums? I'd be happy to look into it, since it may be a bug in either Bundler or Dependabot. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is there an existing issue for this?
Feature description
https://bundler.io/blog/2024/12/19/bundler-v2-6.html#:~:text=How%20to%20enable%20lockfile%20checksums
i.e. will it keep Gemfile checksums up to date as it updates gems?
The text was updated successfully, but these errors were encountered: