I have a dependabot config file but dependabot isn't creating any PRs. As can be seen from the screenshot Automated Security fixes has been turned on. Apart from deleting the config file and re-adding the repo to dependabot I'm not sure what's going on...
Thank yo for being here! We are not experiencing any outages, a couple of things could be happening,
as far as I know only the owner can view alerts on a personal repository.This error is expected in some cases, where dependabot isn't able to automatically update the package version. In this case the upgrade has to be performed manually.
Since this repository is not public the quickest way to get you support would be to have you If you haven't already, please contact us at https://github.com/contact with the info so we can look into that further.
Mark helpful posts with Accept as Solution to help other users locate important info. Don't forget to give Kudos for great content!
Oh that repo is open source. The original link I posted in my original issue comes back with a 404 as I deleted the .dependabot/config.yml file. With that deleted, dependabot is creating PRs as I expect. Apparently having a .dependabot/config.yml only works with dependabot-preview installed, is this correct?
If you're only using automated security fixes without the config file you should only see pull requests created for each alert. Have you checked if there was an attemted pull request created for any of the alerts? You should see this if you click into one. If not you could try triggering a manual update or checking the error from a failed update.