repo sync

data/reusables/dependabot/supported-package-managers.md

@@ -1,34 +1,35 @@
-The following table shows, for each package manager, whether {% data variables.product.prodname_dependabot %} supports: dependencies in private {% data variables.product.prodname_dotcom %} repositories, and vendored dependencies.
+The following table shows, for each package manager:
+- The YAML value to use in the *dependabot.yml* file
+- The supported versions of the package manager
+- Whether dependencies in private {% data variables.product.prodname_dotcom %} repositories are supported
+- Whether vendored dependencies are supported
 
-Package manager | Private {% data variables.product.prodname_dotcom %} repositories | Vendoring 
---- | :---:| :---:
-Bundler: `bundler` | | **✓** |
-Cargo: `cargo` | **✓** | |
-Composer: `composer` | **✓** | |
-Docker: `docker` | **✓** | |
-Elixir: `hex` | | |
-Elm: `elm` | **✓** | |
-git submodule: `gitsubmodule` | **✓** | |
-GitHub Actions: `github-actions` | **✓** | |
-Go modules: `gomod` | **✓** | **✓** |
-Gradle: `gradle` | **✓** | |
-Maven: `maven` | **✓** | |
-Mix: `mix` | **✓** | |
-npm: `npm` | **✓** | |
-NuGet: `nuget` | **✓** | |
-pip: `pip` | | |
-Terraform: `terraform` | **✓** | |
+Package manager | YAML value | Supported versions | Private repositories | Vendoring 
+--- | --- | --- |:---:|:---:
+Bundler | `bundler` | v1 | | **✓** |
+Cargo | `cargo` | v1 | **✓** | |
+Composer | `composer` | v1,v2  | **✓** | |
+Docker | `docker` | v1 | **✓** | |
+Elixir | `mix` | v1 | **✓** | |
+Elm | `elm` | v0.18, v0.19 | **✓** | |
+git submodule | `gitsubmodule` | N/A (no version) | **✓** | |
+GitHub Actions | `github-actions` |  N/A (no version) | **✓** | |
+Go modules | `gomod` | v1 | **✓** | **✓** |
+Gradle | `gradle` | see (A) below | **✓** | |
+Maven | `maven` | see (B) below | **✓** | |
+npm | `npm` | v6 | **✓** | |
+NuGet | `nuget` | <= 4.8.</br>see (C) below | **✓** | |
+pip | `pip` | v20 | | |
+pipenv | `pip` | <= 2018.11.26 | | |
+pip-compile | `pip` | 5.5.0 | | |
+poetry | `pip` | v1 | | |
+Terraform | `terraform` | <= 0.11 | **✓** | |
+yarn | `npm` | v1 | | |
 
-{% note %}
+(A) {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: `build.gradle` and `build.gradle.kts` (for Kotlin projects).
 
-**Note**: {% data variables.product.prodname_dependabot %} also supports the following package managers:
+(B) {% data variables.product.prodname_dependabot %} doesn't run Maven but supports updates to `pom.xml` files.
 
--`yarn` (v1 only) (specify `npm`)
+(C) {% data variables.product.prodname_dependabot %} doesn't run the NuGet CLI but does support most features up until version 4.8.
 
--`.gradle.kts` files, for Kotlin projects (specify `gradle`)
-
--`pipenv`, `pip-compile`, and `poetry` (specify `pip`)
-
-For example, if you use `poetry` to manage your Python dependencies and want {% data variables.product.prodname_dependabot %} to monitor your dependency manifest file for new versions, use `package-ecosystem: "pip"` in your *dependabot.yml* file.
-
-{% endnote %}
+For package managers such as `pipenv` and `poetry`, you need to use the `pip` YAML value. For example, if you use `poetry` to manage your Python dependencies and want {% data variables.product.prodname_dependabot %} to monitor your dependency manifest file for new versions, use `package-ecosystem: "pip"` in your *dependabot.yml* file.