Dependabot running for more than 6 hours since update to version 2.40 #1523
Comments
I have the exact same issue. I have multiple dependabot pipelines, with distinct repositories. Since
This is probably a spin-off of #1441.
@epicstar, the behaviour is clearly aligned with the 2.40 release (here jobs are canceled after 1h): last good one is on 2.39.1099: first bad one is on 2.40.1110:
The only code change in 2.40 was #1514. This change sets the default list of experiments to match those used by the GitHub hosted Dependabot, for better accuracy of updates. Could you try explicitly setting the experiments list in your task input so that the GitHub defaults are not used, and see if this reduces the task runtime? e.g.

```yaml
steps:
- task: dependabot@2
  inputs:
    # Use no experiments
    experiments: 'none'
    # Use GitHub default experiments
    #experiments: 'record-ecosystem-versions=true,record-update-job-unknown-error=true,proxy-cached=true,move-job-token=true,dependency-change-validation=true,nuget-native-analysis=true,nuget-use-direct-discovery=true,enable-file-parser-python-local=true,lead-security-dependency=true,enable-record-ecosystem-meta=true'
```
Indeed it seems to solve the issue. Thanks!
This mitigates the issue, as Dependabot now runs ~2 hours instead of ~6 hours. However, this is still double the time compared to version < 2.40.
Up to (including) Dependabot version 2.39.1099, Dependabot took ~1 hour for one of our repositories.
Since the update to 2.40.1110, Microsoft is aborting the pipeline after 6:15 hours.