I am using dependabot in azure devops to auto scan for any vulnerabilities in my codebase, but I got the error :
🌎 🠊 [POST] https://xxx.visualstudio.com/My%20Property%20Tax%20Online%20Payment/_apis/git/repositories/TTCWebApi/pushes
🌎 🠈 [400] Bad Request
{"$id":"1","innerException":null,"message":"TF401021: 'refs/heads/dependabot/nuget/dev/FluentAssertions-6.12.1' is not a valid name for a Git ref. Visit https://go.microsoft.com/fwlink/?LinkId=800646 for more information on Git ref naming.","typeName":"Microsoft.TeamFoundation.Git.Server.InvalidGitRefNameException, Microsoft.TeamFoundation.Git.Server","typeKey":"InvalidGitRefNameException","errorCode":0,"eventId":3000}
##[error]Failed to create pull request: Error: Request to 'https://xxx.visualstudio.com/My%20Property%20Tax%20Online%20Payment/_apis/git/repositories/TTCWebApi/pushes' failed: 400 Bad Request
Is it because my repo name has white spaces in there ? If so, how do I fix it ?
Thank you.
Is it because my repo name has white spaces in there ?
According to the error, the name of your project is "My Property Tax Online Payment" and the name of your repo is "TTCWebApi". The error has nothing to do with the name of your project or repo.
Testing from my side, I can't reproduce the same error.
My dependabot.yml:
version: 2
updates:
- package-ecosystem: "nuget"
target-branch: 'dev'
directory: "/AppLogger"
schedule:
interval: "daily"
open-pull-requests-limit: 5
commit-message:
prefix: "deps"
ignore:
- dependency-name: "example-package"
versions: ["1.x"]
My YAML pipeline:
pool:
vmImage: ubuntu-latest
steps:
- task: dependabot@2
Result:
Creating pull request 'deps: bump FluentAssertions from 6.11.0 to 6.12.1 in /AppLogger'...
- Pushing 1 file change(s) to branch 'dependabot/nuget/dev/FluentAssertions-6.12.1'...
🌎 🠊 [POST] https://dev.azure.com/{orgName}/{projectName}/_apis/git/repositories/AppLogger_Nuget/pushes
🌎 🠈 [201] Created
- Pushed commit: a3acc49ecdbd27f512***.
- Creating pull request to merge 'dependabot/nuget/dev/FluentAssertions-6.12.1' into 'dev'...
I notice that there is a bug for the similar issue. Please run your pipeline again and check if there is the same error or not. If there is, share the dependabot.yml
and YAML file of your pipeline.