Dependabot opening multiple PRs for a single dependency

[adamjstewart]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

pip

Package manager version

pip 23.0.1

Language version

Python 3.10–3.12

Manifest location and content before the Dependabot update

https://github.com/microsoft/torchgeo/blob/main/requirements/required.txt

dependabot.yml content

https://github.com/microsoft/torchgeo/blob/main/.github/dependabot.yml

Updated dependency

lightning 2.2.5 to 2.3.0 or 2.3.1.

What you expected to see, versus what you actually saw

Normally, when a new version is released, dependabot updates an existing unmerged PR. However, in this case, dependabot opened 2 PRs instead.

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

• Bump lightning[pytorch-extra] from 2.2.5 to 2.3.0 in /requirements microsoft/torchgeo#2119
• Bump lightning[pytorch-extra] from 2.2.5 to 2.3.1 in /requirements microsoft/torchgeo#2141

Smallest manifest that reproduces the issue

No response

[OwenPattison]

@adamjstewart This looks like a duplicate of: #10103.
Although your ecosystem is slightly different I hope one fix resolves both our issues.

[adamjstewart]

Closing as a duplicate