Dependabot descends into the git submodule and attempts to parse the requirements files there. That fails because they contain Jinja2 statements.
Since dependabot does not support path exclusion options in its dependabot.yml file, the least evil seems to be to rename the requirements files in the template repo and to rename them back in the post generation hook script.
Dependabot descends into the git submodule and attempts to parse the requirements files there. That fails because they contain Jinja2 statements.
Since dependabot does not support path exclusion options in its dependabot.yml file, the least evil seems to be to rename the requirements files in the template repo and to rename them back in the post generation hook script.