Dependabot fails with "No Cargo.toml!" #2245
Description
Current behavior 😯
When a Dependabot version update runs for Rust dependencies (i.e. the "cargo" ecosystem), it fails with:
Dependabot encountered '1' error(s) during execution, please check the logs for more details.
+-----------------------------------------------+
| Errors |
+---------------+-------------------------------+
| Type | Details |
+---------------+-------------------------------+
| unknown_error | { |
| | "message": "No Cargo.toml!" |
| | } |
+---------------+-------------------------------+
Failure running container d89a028c2d61c4b2e4b792c3b0eece859214657bd263b037ccbb4baa1f54422a: Error: Command failed with exit code 1: /bin/sh -c $DEPENDABOT_HOME/dependabot-updater/bin/run update_files
Cleaned up container d89a028c2d61c4b2e4b792c3b0eece859214657bd263b037ccbb4baa1f54422a
proxy | 2025/11/01 08:01:47 0/11 calls cached (0%)
2025/11/01 08:01:47 Posting metrics to remote API endpoint
Error: Dependabot encountered an error performing the update
There may be more relevant details in the logs, but if so, I haven't found them. Here's the most recent run in this upstream repository. That links to the CI run for it that includes the full log. One can get there also from this page by clicking "View logs" and clicking "View logs" again.
I've also been having this problem in my fork, where it seems to have started at some point between October 15th and October 17th, based on the test PR EliahKagan#117 that was able to be created but not to be updated. It looks like #2208 was the only thing that came in during that time, which doesn't look like it could cause or have anything to do with such a problem.
I've had various Dependabot failures in my fork for a while, and I didn't assume this would happen here; but this is the first that happens upstream as well, and seems to happen every time.
Unfotunately I don't remember the messages from those previous self-resolving patterns of failure that had resolved by retrying, so I can't compare them to this one, and they were long enough ago that their logs are probably not preserved.
This only affects version updates for Rust dependencies. Version updates for GitHub Actions dependencies still work.
Expected behavior 🤔
Dependabot version updates should work, as they have worked before.
We have a top-level Cargo.toml as well as Cargo.toml files in all subdirectories that represent crates.
Git behavior
Not applicable, as far as I know.
Steps to reproduce 🕹
Either wait for a Dependabot version update to happen on schedule or trigger it manually on the Insights page, then observe that no PR is created or updated. To observe the error message and failure details, see the logs as described above.