Dependabot recently broke

anthonator · February 6, 2020, 7:23pm

I’m curious if anyone else is having issues with GitHub’s Dependabot. I recently started getting this error on one of my Elixir project’s.

** (FunctionClauseError) no function clause matching in Parser.parse_lock/1    
    
    The following arguments were given to Parser.parse_lock/1:
    
        # 1
        {:hex, :ex_doc, "0.21.3", "857ec876b35a587c5d9148a2512e952e24c24345552259464b98bfbb883c7b42", [:mix], [{:earmark, "~> 1.4", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.14", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm", "0db1ee8d1547ab4877c5b5dffc6604ef9454e189928d5ba8967d4a58a801f161"}
    
    parse_deps.exs:69: Parser.parse_lock/1
    parse_deps.exs:19: Parser.build_dependency/2
    (elixir) lib/enum.ex:1336: Enum."-map/2-lists^map/1-0-"/2
    parse_deps.exs:101: (file)

{"error":""}

I’m wondering if it may have something to do with the recent Hex updates. I started experiencing this problem around the time 0.20.4 shipped.

ericmj · February 6, 2020, 7:50pm

Where is that error from?

The recent Hex update introduced a new field to the lockfile. I am guessing Dependabot is expecting a specific tuple size.

anthonator · February 6, 2020, 7:52pm

From the Dependabot dashboard.

Should I send a support request to GitHub asking to support newer Hex versions?

ericmj · February 6, 2020, 7:57pm

Yes, please do. And please mention that they should ignore extra tuple fields they do not recognize so they do not fail again if we add more fields.

anthonator · February 6, 2020, 8:06pm

Looks like someone has already opened an issue on Dependabot’s GitHub repo.

I’m also linking back to this thread.

@ericmj I mentioned you in the GitHub issue. I hope that’s OK.

anthonator · February 7, 2020, 1:18pm

Looks like a fix has been merged.