[Question] - Dependabot Compatibility Score - Minimum number of candidate updates threshold

[brombaut]

Hello. Sometimes the Compatibility Score badge on Dependabot PRs says "compatibility: unknown". For example, on this PR (brombaut/benrombautca#199) to bump copy-webpack-plugin from 5.1.2 to 9.0.1.

On the Dependabot website for this dependency update (https://dependabot.com/compatibility-score/?dependency-name=copy-webpack-plugin&package-manager=npm_and_yarn&previous-version=5.1.2&new-version=9.0.1) it says:

"Dependabot hasn't made enough updates for projects migrating copy-webpack-plugin from 5.1.2 to 9.0.1 to form a view on compatibility yet."

I was wondering what the minimum number of candidate updates are required for the compatibility score badge to show up correctly on Dependabot PRs?

I realize that the logic might be different since Dependabot was acquired by GitHub. I looked around this repo, but couldn't find any logic for how the score is retrieved (or calculated for that matter) for each Dependabot PR. Is this source code available somewhere?

Thanks!

[jurre]

The minimum number is currently 5, although this might change. The source code for this is not available publicly, it's part of the internal systems we use to run dependabot at scale.

I hope that helps

[brombaut]

Ok yes that helps thanks for the info! 👍