weixin_39819393 2020-11-29 10:38

Use of composer outdated to shortlist packages for update?

From on April 8, 2018 7:4

I've been double checking how good dependabot has been at identifying our dependencies over at https://github.com/tobybellwood/govcms-composer-test and tracking it against what I was expecting on my local install using composer outdated -D (https://getcomposer.org/doc/03-cli.md#outdated).

For the record:

module|installed|latest|description
-----|-----|-----|-----
drupal/accessible_forms|1.0.0-alpha1|1.0.0-alpha2|This is a simple Drupal 7 module for adding form attributes for improved accessibility.
drupal/ctools|1.12.0|1.14.0|A library of helpful tools by Merlin of Chaos.
drupal/date|2.9.0|2.10.0|Makes date/time fields available.
drupal/defaultconfig|1.0.0-alpha9|1.0.0-alpha11|Use features as default configuration without having to deal with overriden features.
drupal/linkchecker|1.2.0|1.3.0|Periodically checks for broken links in node types, blocks and fields and reports the results.
drupal/media|2.13.0|2.16.0|Provides the core Media API
drupal/metatag|1.21.0|1.25.0|Adds support and an API to implement meta tags.
drupal/workbench_moderation|1.4.0|3.0.0|Provides content moderation services
drupal/zen|5.5.0|6.4.0|Zen sub-themes are the ultimate starting themes for Drupal 7. Read the online docs or the included README-...
drush/drush|8.1.16|9.2.3|Drush is a command line shell and scripting interface for Drupal, a veritable Swiss Army knife designed to make life easier for those of us who spend s...

This brought me back to a comment from #120 (and subsequently digging a bit through the code)

(Other package managers do the resolution based solely on metadata from the registry, but Composer doesn't work that way.)

I just assumed you were running composer outdated at some point to get the shortlist of potential updates to iterate through - but it looks like you're grabbing the list another way?

Also - is there a way to report what versions we currently have asked Dependabot to ignore (and potentially un-ignore them?)

Copied from original issue: dependabot/feedback#124

This question comes from the open-source project: dependabot/dependabot-core


5 answers

  • weixin_39819393 2020-11-29 10:38

    Hey Toby, I'm away for the weekend and will respond more when I get back, but in the meantime the short answer is that composer outdated doesn't consider resolvability when looking for outdated dependencies, so it isn't as useful as it could be. Dependabot only creates update PRs if the new version can be resolved.

    We do update checking by hitting the registry directly, and fall back to looking at the result of something similar to a composer update call. The code is all open source, and the relevant bit is here.

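The distinction in the answer above, as an added illustration that is not code from the issue or from Dependabot: take the shortlist that composer outdated -D --format=json produces, then ask Composer's own solver (composer update --dry-run) whether each candidate actually resolves before treating it as an update. The JSON field names (installed, name, version, latest, latest-status) are assumed to match Composer's JSON output for show/outdated, the sample data is constructed from the table in the issue, and the runner is injectable so the check can be exercised without Composer installed.

```python
"""Shortlist outdated direct dependencies, then confirm each one resolves.

Illustrative code, not Dependabot's. The JSON sample is constructed from two
rows of the table in the issue; field names are assumed to follow Composer's
`show --format=json` output.
"""
import json
import subprocess

SAMPLE_JSON = json.dumps({"installed": [  # constructed sample
    {"name": "drupal/ctools", "version": "1.12.0", "latest": "1.14.0",
     "latest-status": "semver-safe-update"},
    {"name": "drupal/workbench_moderation", "version": "1.4.0", "latest": "3.0.0",
     "latest-status": "update-possible"},
]})


def shortlist(outdated_json, include_major=False):
    """Return (name, installed, latest) tuples for packages with a newer release.
    By default only semver-safe updates are kept; `update-possible` marks a
    major bump that composer.json's constraint would not allow as-is."""
    rows = []
    for pkg in json.loads(outdated_json).get("installed", []):
        status = pkg.get("latest-status", "")
        if status == "up-to-date" or pkg["version"] == pkg["latest"]:
            continue
        if status == "update-possible" and not include_major:
            continue
        rows.append((pkg["name"], pkg["version"], pkg["latest"]))
    return rows


def resolves(name, latest, run=subprocess.run):
    """Dry-run the update and require both a clean solver exit and the target
    version actually appearing in the planned operations (Composer prints
    '... (old => new)' lines). `run` is injectable for offline testing."""
    cmd = ["composer", "update", name, "--dry-run", "--with-dependencies",
           "--no-interaction"]
    result = run(cmd, capture_output=True, text=True)
    output = (result.stdout or "") + (result.stderr or "")
    return result.returncode == 0 and f"=> {latest})" in output


def resolvable_updates(outdated_json, include_major=False, run=subprocess.run):
    """The shortlist filtered by resolvability: the step `composer outdated`
    alone does not do, and the reason its list overstates what can be updated."""
    return [(n, i, l) for n, i, l in shortlist(outdated_json, include_major)
            if resolves(n, l, run)]
```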
