Is it possible to ask dependabot to ignore updates that requires a certain .NET version?

Question

My team has started using dependabot to update our Nuget packages on a regular basis. Currently we have .NET 5.0, and a lot of the PRs generated by dependabot includes major updates which is dependant on .NET 6.0. Per now I have added "ignore" in the dependabot.yml file for each dependency that has a major version update which is dependant on .NET 6.0 like this:

ignore:
        - dependency-name: "Castle.Core"
          update-types: ["version-update:semver-major"]
        - dependency-name: "Castle.Windsor"
          update-types: ["version-update:semver-major"]

However, there are a lot of PRs with suggested updates which I will have to ignore. Is it possible to somehow say "ignore all updates which are dependant on .NET 6.0"?

score 0 · Answer 1 · answered Jun 02 '23 at 15:09

0

Instead of specifying the ignore rule for each individual package, you can use the "match ("*") attribute to define a pattern that matches all packages with a .NET 6.0 dependency.

ignore:
  - dependency-name: "*"
    update-types: ["version-update:semver-major"]
    versions: ["<6.0"]

answered Jun 02 '23 at 15:09

iamdlm

1,885
1
11
21

But how does it know that it is .NET 6.0 that should be ignored, and not for instance Castle.Core 6.0 or similar if .NET is never specified? – Ank Jun 05 '23 at 05:35

Is it possible to ask dependabot to ignore updates that requires a certain .NET version?

1 Answers1