Skip to content

Dependabot hygiene test scans untracked files, failing the mutation baseline #413

Description

@leynos

Summary

The first full mutation run (actions/runs/29075166632) failed its
unmutated baseline in every shard: cargo_update_directories_match_manifests
(tests/dependabot_config_tests.rs) walks the file system for
Cargo.toml manifests and found the shared mutation workflow's
workflow-src/ checkout (shared-actions fixtures such as
/workflow-src/rust-toy-app), which .github/dependabot.yml
legitimately does not list.

Fix options

  1. Enumerate manifests via git ls-files -- '*Cargo.toml' (or an
    equivalent tracked-files listing) instead of walking the tree —
    untracked directories (workflow-src, target, scratch dirs) become
    invisible and the test also stops being sensitive to local build
    artefacts. Recommended.
  2. Alternatively/additionally, the upstream defect is filed as
    workflow-src checkout pollutes the caller's tree during mutation runs shared-actions#343-class (workflow-src pollutes the caller
    tree); once fixed there and the pin bumped, the baseline recovers
    without a test change — but option 1 makes the test robust against
    any future untracked content.

Impact

Until fixed, every real (non-skip) mutation run fails at baseline and
tests nothing. The workflow is informational and does not gate PRs.

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingmediumCould be disruptive, but might not happentesting

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions