[Bug-fix] dependabot jobs failing from wrong claim by d-niu · Pull Request #7173 · DataDog/dd-trace-js

d-niu · 2026-01-05T16:31:52Z

Dependabot workflows have been failing since 12-11-2025 (the last change to this file) due to

Attempt 1 failed. Error: HTTP error! status: 403, {"code":7,"message":"trust policy: claim \"job_workflow_ref\" did not match \"^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$\"","details":[]}

The JWT in the error logs have claim: "job_workflow_ref": "DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/pull/{number}/merge", while the policy only accepts "^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$".

What does this PR do?

Motivation

Plugin Checklist

Additional Notes

Dependabot workflows have been failing since 12-11-2025 (the last change to this file) due to ``` Attempt 1 failed. Error: HTTP error! status: 403, {"code":7,"message":"trust policy: claim \"job_workflow_ref\" did not match \"^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$\"","details":[]} ``` The JWT in the error logs have claim: "job_workflow_ref": "DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/pull/{number}/merge", while the [policy](https://github.com/DataDog/dd-trace-js/edit/master/.github/chainguard/dependabot-automation.sts.yaml) only accepts "^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$\".

github-actions · 2026-01-05T16:32:39Z

Overall package size

Self size: 4.39 MB
Deduped: 5.21 MB
No deduping: 5.21 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | import-in-the-middle | 2.0.0 | 68.46 kB | 797.03 kB | | dc-polyfill | 0.1.10 | 26.73 kB | 26.73 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

codecov · 2026-01-05T16:32:46Z

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.49%. Comparing base (39fb819) to head (1e9d5a4).

Additional details and impacted files

@@           Coverage Diff           @@
##           master    #7173   +/-   ##
=======================================
  Coverage   84.49%   84.49%           
=======================================
  Files         524      524           
  Lines       22463    22463           
=======================================
  Hits        18981    18981           
  Misses       3482     3482

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

pr-commenter · 2026-01-05T16:43:17Z

Benchmarks

Benchmark execution time: 2026-01-05 16:43:13

Comparing candidate commit 1e9d5a4 in PR branch dependabot-bugfix with baseline commit 39fb819 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 291 metrics, 29 unstable metrics.

Dependabot workflows have been failing since 12-11-2025 (the last change to this file) due to ``` Attempt 1 failed. Error: HTTP error! status: 403, {"code":7,"message":"trust policy: claim \"job_workflow_ref\" did not match \"^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$\"","details":[]} ``` The JWT in the error logs have claim: "job_workflow_ref": "DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/pull/{number}/merge", while the [policy](https://github.com/DataDog/dd-trace-js/edit/master/.github/chainguard/dependabot-automation.sts.yaml) only accepts "^DataDog/dd-trace-js/.github/workflows/dependabot-automation.yml@refs/heads/master$\".

d-niu requested a review from a team as a code owner January 5, 2026 16:31

d-niu added the semver-patch label Jan 5, 2026

BridgeAR approved these changes Jan 5, 2026

View reviewed changes

d-niu enabled auto-merge (squash) January 5, 2026 16:37

This comment has been minimized.

Sign in to view

d-niu merged commit ae76856 into master Jan 5, 2026
796 of 797 checks passed

d-niu deleted the dependabot-bugfix branch January 5, 2026 16:48

dd-octo-sts Bot mentioned this pull request Jan 12, 2026

v5.82.0 proposal #7136

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Bug-fix] dependabot jobs failing from wrong claim#7173

[Bug-fix] dependabot jobs failing from wrong claim#7173
d-niu merged 1 commit intomasterfrom
dependabot-bugfix

d-niu commented Jan 5, 2026

Uh oh!

github-actions Bot commented Jan 5, 2026

Uh oh!

codecov Bot commented Jan 5, 2026 •

edited

Loading

Uh oh!

This comment has been minimized.

pr-commenter Bot commented Jan 5, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

d-niu commented Jan 5, 2026

What does this PR do?

Motivation

Plugin Checklist

Additional Notes

Uh oh!

github-actions Bot commented Jan 5, 2026

Overall package size

Uh oh!

codecov Bot commented Jan 5, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

This comment has been minimized.

pr-commenter Bot commented Jan 5, 2026

Benchmarks

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

codecov Bot commented Jan 5, 2026 •

edited

Loading