Fix: Update dependabot labels documentation regarding SemVer labels (#58420)

Signed-off-by: jmeridth <jmeridth@gmail.com> Co-authored-by: Joe Clark <31087804+jc-clark@users.noreply.github.com>
2025-12-19 09:57:42 -05:00 · 2025-11-12 11:26:34 -06:00
parent 25caf673a1
commit 86216fb38b
2 changed files with 4 additions and 0 deletions
--- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md
+++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md
@@ -381,11 +381,13 @@ Specify your own labels for all pull requests raised for a package manager.  For

 * All pull requests have a `dependencies` label.
 * If you define more than one package manager, an additional label for the ecosystem or language is added to each pull request. For example: `java` for Gradle updates and `submodules` for git submodule updates.
+* If semantic version (SemVer) labels are present in the repository, they will be applied automatically to indicate the type of version update (`major`, `minor`, or `patch`).
 * {% data variables.product.prodname_dependabot %} creates these default labels automatically, as necessary in your repository.

 When `labels` is defined:

 * The labels specified are used instead of the default labels.
+* SemVer labels (if present in the repository) will still be applied in addition to any custom labels defined.
 * If any of these labels is not defined in the repository, it is ignored.
 * You can disable all labels, including the default labels, using `labels: [ ]`.

--- a/data/reusables/dependabot/default-labels.md
+++ b/data/reusables/dependabot/default-labels.md
@@ -3,3 +3,5 @@ By default, {% data variables.product.prodname_dependabot %} raises pull request
 {% data variables.product.prodname_dependabot %} also applies an ecosystem label, such as `java`, `npm`, or `github-actions`, to pull requests. {% data variables.product.prodname_dependabot %} adds both the `dependencies` label and the ecosystem label to all pull requests, including single-ecosystem updates, to improve filtering and triaging.

 {% data variables.product.prodname_dependabot %} creates the default labels it applies to pull requests if they do not already exist in the repository. If you want to use custom labels instead of the defaults, you can set the `labels` option in your `dependabot.yml` file per package ecosystem; this overrides the defaults. For more information, see [AUTOTITLE](/issues/using-labels-and-milestones-to-track-work/managing-labels) and [`labels`](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#labels--).
+
+If semantic version (SemVer) labels are present in the repository, {% data variables.product.prodname_dependabot %} will also automatically apply them to indicate the type of version update (`major`, `minor`, or `patch`). These labels are applied in addition to any custom labels you define.