KE
kevindew/dependabot-uv-version-bug
Demonstration of a bug in dependabot-core
Demonstrate dependabot uv bug
This is a barebones project to demonstrate a depenabot issue that occurs since
dependabot/dependabot-core#13690 was merged.
This issue occurs if dependencies with version constraints between them are run,
in this case aiobotocore and botocore. Where dependabot will try update
botocore to the newest version and error.
When Dependabot runs:
uv lock --upgrade-package botocore==1.42.21
It will raise an error because the version of aiobotocore does not permit that
version:
× No solution found when resolving dependencies:
╰─▶ Because aiobotocore==3.1.0 depends on botocore>=1.41.0,<1.42.20 and botocore==1.42.21, we can conclude that aiobotocore==3.1.0 cannot be used.
And because only aiobotocore<=3.1.0 is available and your project depends on aiobotocore>=3.1.0, we can conclude that your project's requirements are unsatisfiable.