jprdonnelly/docs
1
0
Fork 0
mirror of synced 2026-01-06 06:02:35 -05:00
Code Issues Projects Releases Wiki Activity

Merge pull request #31119 from github/repo-sync

Browse Source 
Repo sync
This commit is contained in:
docs-bot
2024-01-17 01:58:07 -08:00
committed by GitHub
parent 0db999d1f4 35a2ab5911
commit 2173b60593
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
data/reusables/dependency-submission/about-dependency-submission.md
View File

@@ -2,7 +2,7 @@ You can use the REST API to submit dependencies for a project. This enables you
The dependency graph shows any dependencies you submit using the API in addition to any dependencies that are identified from manifest or lock files in the repository (for example, a `package-lock.json` file in a JavaScript project). For more information about viewing the dependency graph, see "[AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph)."
Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %} and {% data variables.product.prodname_dependabot_security_updates %} for any known vulnerabilities. You will only get {% data variables.product.prodname_dependabot_alerts %} for dependencies that are from one of the supported ecosystems for the {% data variables.product.prodname_advisory_database %}. For more information about these ecosystems, see "[AUTOTITLE](/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database#github-reviewed-advisories)." {% ifversion dependency-review-submission-api %}Submitted dependencies will be surfaced in dependency review or your organization's dependency insights.
Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %} and {% data variables.product.prodname_dependabot_security_updates %} for any known vulnerabilities. You will only get {% data variables.product.prodname_dependabot_alerts %} for dependencies that are from one of the supported ecosystems for the {% data variables.product.prodname_advisory_database %}. For more information about these ecosystems, see "[AUTOTITLE](/code-security/security-advisories/global-security-advisories/about-the-github-advisory-database#github-reviewed-advisories)." {% ifversion dependency-review-submission-api %}Submitted dependencies will be surfaced in dependency review, but are _not_ available in your organization's dependency insights.
{% data reusables.dependency-review.works-with-submission-api-beta %}
{% else %}Submitted dependencies will _not_ be surfaced in dependency review or your organization's dependency insights.{% endif %}