From cd28ec64841448fa5bc6233323a93450d6e157ff Mon Sep 17 00:00:00 2001 From: Sin-Kang Date: Sat, 23 May 2026 19:50:00 +0900 Subject: [PATCH] fix(deps): stop double-deps in dependabot commit messages MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Our dependabot.yml was producing PR titles like: build(deps)(deps): bump foo from 1 to 2 build(ci)(deps): bump actions/checkout from 5 to 6 …with a doubled `(deps)` scope. Root cause was a config that put the conventional-commit scope INSIDE the prefix AND told dependabot to add it AGAIN: commit-message: prefix: "build(deps)" ← scope already inlined here include: "scope" ← dependabot also inserts "(deps)" between prefix and ":" Dependabot then composes: : "build(deps)" + "(deps)" + ":" + ... → "build(deps)(deps): ..." The fix is to keep `include: "scope"` (it's the part that varies per dep / group / ecosystem and is genuinely useful) and trim `prefix` down to just the conventional-commit type: Gradle ecosystem entries: prefix: "build(deps)" → "build" → "build(deps): bump foo from 1 to 2" → "build(deps-spring-boot): bump the spring-boot group ..." github-actions ecosystem entry: prefix: "build(ci)" → "ci" → "ci(deps): bump actions/checkout from 5 to 6" Now titles read cleanly and the scope still distinguishes what kind of bump landed. All three commit-message blocks (SB3 gradle, SB4 gradle, github- actions) updated in one pass; no other config touched. --- .github/dependabot.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 29169a8..1276da4 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -43,7 +43,7 @@ updates: - "dependencies" - "sb3" commit-message: - prefix: "build(deps)" + prefix: "build" include: "scope" ignore: - dependency-name: "org.springframework.boot:*" @@ -121,7 +121,7 @@ updates: - "dependencies" - "sb4" commit-message: - prefix: "build(deps)" + prefix: "build" include: "scope" # Still hold the Gradle wrapper major — has nothing to do with SB, # and a wrapper major needs hand verification regardless of line. @@ -162,5 +162,5 @@ updates: - "dependencies" - "github-actions" commit-message: - prefix: "build(ci)" + prefix: "ci" include: "scope"