Skip to content

Commit 9eeb81e

Browse files
mchammer01Copilotsophietheking
authored
[EDI] Viewing Dependabot job logs (#59581)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
1 parent 703239d commit 9eeb81e

File tree

3 files changed

+58
-15
lines changed

3 files changed

+58
-15
lines changed

content/code-security/concepts/supply-chain-security/dependabot-job-logs.md

Lines changed: 55 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,55 @@
1+
---
2+
title: Dependabot job logs
3+
intro: '{% data variables.product.github %} logs every update job run by {% data variables.product.prodname_dependabot %}, giving you visibility into version updates, security patches, and automated rebases across your dependencies.'
4+
shortTitle: Dependabot job logs
5+
versions:
6+
fpt: '*'
7+
ghec: '*'
8+
ghes: '*'
9+
contentType: concepts
10+
topics:
11+
- Dependabot
12+
- Troubleshooting
13+
- Dependencies
14+
- Security updates
15+
---
16+
17+
18+
> [!NOTE]
19+
> Job logs are only available for repositories with {% data variables.product.prodname_dependabot_version_updates %} enabled.
20+
21+
Whenever a {% data variables.product.prodname_dependabot %} job runs, the details of the job are captured in the job logs list, which is accessible from the dependency graph.
22+
23+
## What job logs contain
24+
25+
For each manifest file in your repository, {% data variables.product.prodname_dependabot %} maintains a list of recent job runs. Every log entry includes:
26+
27+
* **Job type**: The kind of update {% data variables.product.prodname_dependabot %} performed (_version_ update, _security_ update, or _rebase_ update)
28+
* **Job ID**: A unique identifier for the run
29+
* **Timestamp**: When the job executed
30+
* **Associated pull requests**: Links to any pull requests created or updated by the job
31+
* **Error messages**: Brief diagnostic information when jobs fail
32+
33+
If you need to troubleshoot further, you can click **view logs** to access the full log files for a specific run.
34+
35+
## Job types
36+
37+
You will see the following job types recorded in the log list:
38+
39+
**Version update**: {% data variables.product.prodname_dependabot %} checked your manifest files for outdated dependencies and opened or updated pull requests to bring them current. These runs happen on the schedule defined in your `dependabot.yml` configuration file.
40+
41+
**Security update**: {% data variables.product.prodname_dependabot %} detected a security vulnerability in one of your dependencies and opened a pull request to upgrade to a patched version. These updates happen automatically when {% data variables.product.github %} identifies new security advisories.
42+
43+
**Rebase update**: {% data variables.product.prodname_dependabot %} automatically rebased an existing pull request to resolve a merge conflict with your target branch. This can apply to pull requests for either {% data variables.product.prodname_dependabot_version_updates %} or {% data variables.product.prodname_dependabot_security_updates %}.
44+
45+
## Debugging with job logs
46+
47+
Job logs give you two levels of detail for troubleshooting:
48+
49+
**Log list entries** show a quick summary of each job, including short error messages that often point directly to the problem, like authentication failures, unreachable registries, or incompatible version constraints.
50+
51+
**Full log files** provide complete output from the {% data variables.product.prodname_dependabot %} job, including every dependency checked, version resolution details, and the full stack trace for any errors. Access these when you need to investigate complex failures or understand exactly what {% data variables.product.prodname_dependabot %} attempted.
52+
53+
## Next steps
54+
55+
Now that you know what {% data variables.product.prodname_dependabot %} job logs are, you may want to find out how to access them. See [AUTOTITLE](/code-security/how-tos/view-and-interpret-data/viewing-dependabot-job-logs).

content/code-security/concepts/supply-chain-security/index.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ children:
2121
- about-the-dependabot-yml-file
2222
- about-dependabot-auto-triage-rules
2323
- about-dependabot-on-github-actions-runners
24+
- dependabot-job-logs
2425
- immutable-releases
2526
- linked-artifacts
2627
---

content/code-security/how-tos/view-and-interpret-data/viewing-dependabot-job-logs.md

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
---
22
title: Viewing Dependabot job logs
3-
intro: To support debugging of {% data variables.product.prodname_dependabot %} pull requests, {% data variables.product.github %} provides logs of all {% data variables.product.prodname_dependabot %} jobs.
3+
intro: Access job logs to troubleshoot failed {% data variables.product.prodname_dependabot_updates %} and understand what is happening.
44
shortTitle: View Dependabot logs
55
permissions: '{% data reusables.permissions.dependabot-various-tasks %}'
66
versions:
@@ -19,20 +19,7 @@ redirect_from:
1919
- /code-security/dependabot/troubleshooting-dependabot/viewing-dependabot-job-logs
2020
---
2121

22-
## About {% data variables.product.prodname_dependabot %} job logs
23-
24-
Job logs are only available if {% data variables.product.prodname_dependabot_version_updates %} are enabled for the repository.
25-
26-
Whenever a {% data variables.product.prodname_dependabot %} job runs, the details of the job are captured in the job logs list, which is accessible from the dependency graph.
27-
28-
For each manifest file, the job logs record the most recent runs of {% data variables.product.prodname_dependabot %}, with each log entry displaying the job type, job ID, timestamp, and, where necessary, a link to the pull request(s) associated with the job.
29-
30-
You may find that the log entry contains a short error message, which can be useful for debugging issues with a particular pull request or run. If you need to troubleshoot further, you can click **view logs** to access the full log files for a specific run.
31-
32-
You will see the following job types recorded in the log list:
33-
* **Version update** - refers to a {% data variables.product.prodname_dependabot_version_updates %} run.
34-
* **Security update** - refers to a {% data variables.product.prodname_dependabot_security_updates %} run.
35-
* **Rebase update** - refers to a run where {% data variables.product.prodname_dependabot %} has automatically rebased the pull request to resolve a conflict with the target branch. This update could apply to a pull request from a {% data variables.product.prodname_dependabot_version_updates %} job, or a {% data variables.product.prodname_dependabot_security_updates %} job.
22+
When {% data variables.product.prodname_dependabot_updates %} fail or behave unexpectedly, job logs show you exactly what happened. Access job logs from the dependency graph to debug issues quickly. For background on what job logs contain and the types of jobs {% data variables.product.github %} records, see [AUTOTITLE](/code-security/concepts/supply-chain-security/dependabot-job-logs).
3623

3724
## Viewing {% data variables.product.prodname_dependabot %} job logs
3825

0 commit comments

Comments
 (0)