From 651108c089176d742f07112f6756028dcd0e14bd Mon Sep 17 00:00:00 2001 From: 9pace Date: Tue, 16 Jun 2026 20:05:37 -0400 Subject: [PATCH 1/3] chore: ignore workspace packages in Dependabot config Yarn berry records workspace deps declared as `"": "^0.0.0"` with an explicit `npm:^0.0.0` descriptor. Dependabot reads the descriptor and treats it as a registry dep, producing spurious bumps like #1613 (reverted in #1629). Every workspace name is exposed to this. Adds an `ignore` list derived from `TypeScriptWorkspace` subprojects, so new workspaces are picked up automatically on `npx projen`. --- .github/dependabot.yml | 14 ++++++++++++++ .projenrc.ts | 4 ++++ 2 files changed, 18 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 868813a88..eb0c4cff9 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -11,6 +11,20 @@ updates: - auto-approve allow: - dependency-type: production + ignore: + - dependency-name: "@aws-cdk-testing/cli-integ" + - dependency-name: "@aws-cdk/cdk-assets-lib" + - dependency-name: "@aws-cdk/cli-plugin-contract" + - dependency-name: "@aws-cdk/cloud-assembly-api" + - dependency-name: "@aws-cdk/cloud-assembly-schema" + - dependency-name: "@aws-cdk/cloudformation-diff" + - dependency-name: "@aws-cdk/integ-runner" + - dependency-name: "@aws-cdk/toolkit-lib" + - dependency-name: "@aws-cdk/user-input-gen" + - dependency-name: "@aws-cdk/yarn-cling" + - dependency-name: aws-cdk + - dependency-name: cdk + - dependency-name: cdk-assets directories: - / - /packages/@aws-cdk-testing/cli-integ diff --git a/.projenrc.ts b/.projenrc.ts index 2c1c94722..bd3ea30b0 100644 --- a/.projenrc.ts +++ b/.projenrc.ts @@ -1686,6 +1686,10 @@ new pj.YamlFile(repo, '.github/dependabot.yml', { 'allow': [{ 'dependency-type': 'production', }], + 'ignore': repoProject.subprojects + .filter((p): p is yarn.TypeScriptWorkspace => p instanceof yarn.TypeScriptWorkspace) + .map(p => ({ 'dependency-name': p.name })) + .sort((a, b) => a['dependency-name'].localeCompare(b['dependency-name'])), 'directories': ['/', ...repoProject.node.children .filter(child => child instanceof TypeScriptWorkspace) .map(ts => `/${path.relative(repoProject.outdir, ts.outdir)}`) From f2ac8e6f006eab34e2f33e29e2d2625b1a8ac5fa Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 17 Jun 2026 09:24:35 +0000 Subject: [PATCH 2/3] chore: self mutation Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 2f132060f..3bd989aa1 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -19,6 +19,7 @@ updates: - dependency-name: "@aws-cdk/cloud-assembly-schema" - dependency-name: "@aws-cdk/cloudformation-diff" - dependency-name: "@aws-cdk/integ-runner" + - dependency-name: "@aws-cdk/private-tools" - dependency-name: "@aws-cdk/toolkit-lib" - dependency-name: "@aws-cdk/user-input-gen" - dependency-name: "@aws-cdk/yarn-cling" From 00dc5512fbf73c6c6188a28351f4ad9f46243725 Mon Sep 17 00:00:00 2001 From: 9pace Date: Wed, 17 Jun 2026 08:39:57 -0400 Subject: [PATCH 3/3] drop unnecessary filter on subprojects --- .projenrc.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/.projenrc.ts b/.projenrc.ts index fd21f0828..b21516777 100644 --- a/.projenrc.ts +++ b/.projenrc.ts @@ -1723,7 +1723,6 @@ new pj.YamlFile(repo, '.github/dependabot.yml', { 'dependency-type': 'production', }], 'ignore': repoProject.subprojects - .filter((p): p is yarn.TypeScriptWorkspace => p instanceof yarn.TypeScriptWorkspace) .map(p => ({ 'dependency-name': p.name })) .sort((a, b) => a['dependency-name'].localeCompare(b['dependency-name'])), 'directories': ['/', ...repoProject.node.children