0

I'm trying to specify two npm registries for my GitHub Action Dependabot workflow, but when committed, the following error occurs:

Dependabot encountered the following error when parsing your .github/dependabot.yml:

The property '#/registries/npmjs/' of type object did not match one or more of the required schemas Please update the config file to conform with Dependabot's specification.

I have a private package published to npm.pkg.github.com, but all other dependencies should be resolved from the default registry.npmjs.org.

Can anyone spot the problem?

version: 2
registries:
    npmjs:
        type: npm-registry
        url: https://registry.npmjs.org
    npm-github:
        type: npm-registry
        url: https://npm.pkg.github.com
        token: ${{ secrets.NPM_TOKEN }}
updates:
    - package-ecosystem: github-actions
      directory: /
      schedule:
          interval: daily
    - package-ecosystem: npm
      registries:
          - npmjs
          - npm-github
      directory: /
      schedule:
          interval: daily
      open-pull-requests-limit: 10
Remi Sture
  • 12,000
  • 5
  • 22
  • 35
  • 1
    [The docs](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#npm-registry) suggest it should be `npm-`, also have credentials. – jonrsharpe May 26 '23 at 19:02
  • @jonrsharpe changed to "npm-js" and still get error: "The property '#/registries/npm-js/' of type object did not match one or more of the required schemas". I have provided a token to the private registry. – Remi Sture May 26 '23 at 19:10
  • As [Jess Widman](https://github.com/jeffwidman) [explained](https://github.com/dependabot/dependabot-core/issues/6132#issuecomment-1372734740), the schema is not exposed, only the error messages it summons. Please replay with all permutations the documentation fuels your creativity and add a result matrix to your question: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#npm-registry – hakre May 26 '23 at 21:05

0 Answers0