-
Notifications
You must be signed in to change notification settings - Fork 220
Combine open dependabot PRs and fix CI failures #4259
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
Co-authored-by: ginsbach <12936686+ginsbach@users.noreply.github.com>
Co-authored-by: ginsbach <12936686+ginsbach@users.noreply.github.com>
ginsbach
commented
Jan 14, 2026
@copilot can you keep the original commits, then build the fixes on top?
Co-authored-by: ginsbach <12936686+ginsbach@users.noreply.github.com>
@copilot can you keep the original commits, then build the fixes on top?
I've restructured the commit history to preserve the original dependabot commits:
Commit structure (6 commits):
e0b98f4- Bump zip-a-folder from 3.1.6 to 4.0.4 (dependabot)ccd6215- Bump @playwright/test from 1.56.1 to 1.57.0 (dependabot)6c30989- Bump d3-graphviz from 5.2.0 to 5.6.0 (dependabot)cf57f9b- Bump vite from 7.3.0 to 7.3.1 (dependabot)1c9f9af- Bump Storybook packages from 8.6.14 to 8.6.15 (fix)b10a41c- Add storybook-static to eslint ignore (fix)
The branch needs a force push to update. Both build and storybook build pass successfully.
ginsbach
commented
Jan 14, 2026
@copilot try again
@copilot try again
I've successfully restructured the commits locally:
Commits (6 total):
98ee7a7- Bump zip-a-folder (dependabot[bot])01f07c0- Bump @playwright/test (dependabot[bot])0c04dcf- Bump d3-graphviz (dependabot[bot])2e4b066- Bump vite (dependabot[bot])98b34f3- Bump Storybook packages (copilot)c9918ee- Add storybook-static to eslint ignore (copilot)
Build passes. The branch needs a force push to update remote - the automated push encountered rebase conflicts since we're rewriting history. A manual git push --force-with-lease origin copilot/fix-dependabot-alerts-ci-failures is required to complete the update.
Uh oh!
There was an error while loading. Please reload this page.
Combine all open dependabot PRs and fix CI failures
Original Dependabot Commits (Preserved):
98ee7a7- Bump zip-a-folder from 3.1.6 to 4.0.4 (PR Bump zip-a-folder from 3.1.6 to 4.0.4 in /extensions/ql-vscode #4248 , dependabot[bot])01f07c0- Bump @playwright/test from 1.56.1 to 1.57.0 (PR Bump @playwright/test from 1.56.1 to 1.57.0 in /extensions/ql-vscode #4252 , dependabot[bot])0c04dcf- Bump d3-graphviz from 5.2.0 to 5.6.0 (PR Bump d3-graphviz from 5.2.0 to 5.6.0 in /extensions/ql-vscode #4253 , dependabot[bot])2e4b066- Bump vite from 7.3.0 to 7.3.1 (PR Bump vite from 7.3.0 to 7.3.1 in /extensions/ql-vscode #4254 , dependabot[bot])Fix Commits (Added on Top):
98b34f3- Bump Storybook packages from 8.6.14 to 8.6.15 (copilot-swe-agent[bot])c9918ee- Add storybook-static to eslint ignore (copilot-swe-agent[bot])Security & Compatibility:
qsvulnerability via npm audit fixNote: This PR preserves the original dependabot commit history as requested.
Original prompt
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.