Dependabot recently broke

I’m curious if anyone else is having issues with GitHub’s Dependabot. I recently started getting this error on one of my Elixir project’s.

** (FunctionClauseError) no function clause matching in Parser.parse_lock/1    
    
    The following arguments were given to Parser.parse_lock/1:
    
        # 1
        {:hex, :ex_doc, "0.21.3", "857ec876b35a587c5d9148a2512e952e24c24345552259464b98bfbb883c7b42", [:mix], [{:earmark, "~> 1.4", [hex: :earmark, repo: "hexpm", optional: false]}, {:makeup_elixir, "~> 0.14", [hex: :makeup_elixir, repo: "hexpm", optional: false]}], "hexpm", "0db1ee8d1547ab4877c5b5dffc6604ef9454e189928d5ba8967d4a58a801f161"}
    
    parse_deps.exs:69: Parser.parse_lock/1
    parse_deps.exs:19: Parser.build_dependency/2
    (elixir) lib/enum.ex:1336: Enum."-map/2-lists^map/1-0-"/2
    parse_deps.exs:101: (file)

{"error":""}

I’m wondering if it may have something to do with the recent Hex updates. I started experiencing this problem around the time 0.20.4 shipped.

Where is that error from?

The recent Hex update introduced a new field to the lockfile. I am guessing Dependabot is expecting a specific tuple size.

From the Dependabot dashboard.

Should I send a support request to GitHub asking to support newer Hex versions?

Yes, please do. And please mention that they should ignore extra tuple fields they do not recognize so they do not fail again if we add more fields.

Looks like someone has already opened an issue on Dependabot’s GitHub repo.

https://github.com/dependabot/dependabot-core/issues/1675

I’m also linking back to this thread.

@ericmj I mentioned you in the GitHub issue. I hope that’s OK.

Looks like a fix has been merged.

https://github.com/dependabot/dependabot-core/pull/1680