githubnpmdependabot

Dependabot not adding Team as reviewer


I have implemented dependabot in my org repo. Dependabot is creating pull requests all fine. But it's not adding any team reviewers, there are no error logs on PR or in Dependency graph> dependabot.

My yml config:-

version: 2
updates:

  # Maintain dependencies for login
  - package-ecosystem: "npm"
    directory: "/login"
    schedule:
      interval: "monthly"
    reviewers:
      - "org/cloud-reviewers"
    pull-request-branch-name:
      separator: "-"
    target-branch: "dev"
    open-pull-requests-limit: 5

Solution

  • You are right that since July 2020, you can "assign a GitHub team to review Dependabot pull requests".

    But the Configure dependabot.yml / reviewers section includes:

    You must use the full team name, including the organization, as if you were @mentioning the team.

    So double-check if org/cloud-reviewers is the right id (try and @ mention that account in a comment for instance)
    And check if the permission level include submitting a PR review.


    The OP Nandan Raj confirms in the comments an issue with not having the correct permissions to the Team used for PR review.