Older PR with previous versions occasionally not being abandoned even though abandonUnwantedPullRequests set to true #1582

Open
eli-gc opened this issue Feb 26, 2025 · 1 comment

Comments

@eli-gc

eli-gc commented Feb 26, 2025

Describe the bug
It seems like when there are errors in the runs, then the old PR won't be abandoned even though the new PR is created. Perhaps the PR abandoning step is not reached before the pipeline fails. In runs where there are no errors, the abandon behavior seems to work correctly.

Categorization

Repository
We are using it in a private repository

To Reproduce
I think the most reliable way to reproduce is to run dependabot on a repo where the max limit of pull requests has been reached already where one of the PRs is the older version. At least in my production environment, a PR will be made for the newest version but the old one is not deleted.

Expected behavior
Any time a new PR is created with a version that is greater than another one, the old one should be deleted.

Logs and screenshots

Starting: Upgrading: user-auth
==============================================================================
Task         : Dependabot
Description  : Automatically update dependencies and vulnerabilities in your code using [Dependabot CLI](https://github.com/dependabot/cli)
Version      : 2.42.1174
Author       : Tingle Software
Help         : https://github.com/tinglesoftware/dependabot-azure-devops/issues
==============================================================================
Experiments: {
  'record-ecosystem-versions': true,
  'record-update-job-unknown-error': true,
  'proxy-cached': true,
  'move-job-token': true,
  'dependency-change-validation': true,
  'nuget-install-dotnet-sdks': true,
  'nuget-native-analysis': true,
  'nuget-use-direct-discovery': true,
  'enable-file-parser-python-local': true,
  'npm-fallback-version-above-v6': true,
  'npm-v6-deprecation-warning': true,
  'npm-v6-unsupported-error': true,
  'lead-security-dependency': true,
  'enable-shared-helpers-command-timeout': true,
  'enable-engine-version-detection': true,
  'avoid-duplicate-updates-package-json': true,
  'allow-refresh-for-existing-pr-dependencies': true,
  'enable-bun-ecosystem': true,
  'exclude-local-composer-packages': true
}
##[warning]Skipping update for gradle packages as the open pull requests limit (3) has already been reached
Job 'update-pr-68931'
Job 'update-pr-69159'
Job 'update-pr-69239'
##[error]2 update tasks(s) failed, check logs for more information
Finishing: Upgrading: ***

In the images below, there is an active PR for 3.3.8.9 to 3.3.8.11 and a completed one for 3.3.8.9 to 3.3.8.12. The 3.3.8.11 should have been abandoned.
Image

Image

Extension (please complete the following information):

  • Host: Azure DevOps
  • Version 2.42.11754

Additional context
Add any other context about the problem here.

@rhyskoedijk
Contributor

Thanks @eli-gc,

This sounds like the "X was superseded by Y" scenario. GitHub's Dependabot handles this pretty well, but there are some gaps in the DevOps implementation because dependabot-core/cli doesn't have a dedicated PR close reason for this scenario.

I will look into this when I can and see if we can add some custom logic to handle it.
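
The "X was superseded by Y" check discussed in this thread, sketched as an added example (not code from this thread or from the dependabot-azure-devops project). The `PullRequest` shape, the function names, the dependency names and the PR ids are assumptions; versions are compared as dotted numbers so that 3.3.8.11 ranks above 3.3.8.9.

```typescript
// Added example: types and function names are hypothetical, not the extension's API.
interface PullRequest {
  id: number;
  dependency: string;
  toVersion: string;
  status: "active" | "completed" | "abandoned";
}

// Non-numeric segments (e.g. pre-release tags) are treated as 0; an assumption
// that keeps this sketch to plain dotted versions.
function parseSegment(s: string): number {
  const n = parseInt(s, 10);
  return isNaN(n) ? 0 : n;
}

// Compare segment by segment as numbers. A string comparison would rank
// "3.3.8.9" above "3.3.8.11", which is the wrong way round.
function compareVersions(a: string, b: string): number {
  const pa = a.split(".").map(parseSegment);
  const pb = b.split(".").map(parseSegment);
  const len = Math.max(pa.length, pb.length);
  for (let i = 0; i < len; i++) {
    const x = pa[i] ?? 0;
    const y = pb[i] ?? 0;
    if (x !== y) return x < y ? -1 : 1;
  }
  return 0;
}

// Return the active PRs whose target version is lower than the highest target
// seen for the same dependency in any active or completed PR.
function findSupersededPrs(prs: PullRequest[]): PullRequest[] {
  const newest: Record<string, string> = {};
  for (const pr of prs) {
    if (pr.status === "abandoned") continue; // assumed: abandoned PRs do not supersede
    const seen = newest[pr.dependency];
    if (seen === undefined || compareVersions(pr.toVersion, seen) > 0) {
      newest[pr.dependency] = pr.toVersion;
    }
  }
  return prs.filter((pr) => pr.status === "active" &&
    compareVersions(pr.toVersion, newest[pr.dependency] ?? pr.toVersion) < 0);
}

// Constructed sample mirroring the versions reported in the issue.
const samplePrs: PullRequest[] = [
  { id: 1, dependency: "example-lib", toVersion: "3.3.8.11", status: "active" },
  { id: 2, dependency: "example-lib", toVersion: "3.3.8.12", status: "completed" },
  { id: 3, dependency: "other-lib", toVersion: "2.0", status: "active" },
];
```

Because the function only needs the list of pull requests, it can run as its own pass regardless of whether individual update jobs in the same pipeline run succeeded.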
