bjornrud
dependabot private organization hex example?
Has anyone used the github actions hosted dependabot beta for private hex repositories? We would love dependabot to notify application owners in our org when another team updates their libraries.
Unfortunately, am getting 403s every time dependabot attempts to check our private hex.
From the logs, Dependabot is showing the following:
proxy | 2020/07/13 16:25:22 403 https://repo.hex.pm:443/repos/us/packages/ourpackage
The relevant portions of our .github/dependabot.yml are:
version: 2
updates:
# Keep mix dependencies up to date
- package-ecosystem: "mix"
directory: "/"
schedule:
interval: "weekly"
assignees:
- "OURORG/ourteam"
labels:
- "dependabot-update"
rebase-strategy: "disabled"
Most Liked
davydog187
An update from @bruce
I chatted with the PM (
@asciimike), and I understand that the team is making progress on addressing the current limitations for Elixir (and some other ecosystems/pkg managers like bundler and pip).
The effort is tracked here (https://bit.ly/3pEANuQ), and I’m hopeful we’ll see some level of private repo support restored soon.
Tweet: https://twitter.com/wbruce/status/1364004498667040769?s=20
Roadmap: Dependabot version updates: support for private registries (Cloud Beta) · Issue #67 · github/roadmap · GitHub
TL;DR: Private registries are currently not available for dependabot with elixir, but are scheduled on the roadmap
davydog187
I poked Bruce Williams on twitter, maybe he knows who can help!
Popular in Questions
Other popular topics
Categories:
Sub Categories:
Forums
Popular Tags
- #ecto
- #liveview
- #troubleshooting
- #learning-elixir
- #deployment
- #library
- #erlang
- #testing
- #genserver
- #mix
- #absinthe
- #remote-other
- #otp
- #plug
- #how-to-question
- #macros
- #postgres
- #channels
- #elixirconf
- #exunit
- #discussion
- #javascript
- #code-sync
- #podcasts
- #onsite
- #dialyzer
- #docker
- #authentication
- #umbrella
- #full-time-contract
- #podcasts-by-brainlid
- #ecto-query
- #elixir-ls
- #phoenix_html
- #iex
- #blog-post
- #graphql
- #genstage
- #ai
- #websockets
- #supervisor
- #advent-of-code
- #elixirconf-us
- #distillery
- #processes
- #forms
- #api
- #metaprogramming
- #security
- #performance








