diff --git a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md index 55409bd909..bfe43bd5b7 100644 --- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md +++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md @@ -506,6 +506,9 @@ Package manager | YAML value | Supported versions | | Swift | `swift` | v5 | | Terraform | `terraform` | >= 0.13, <= 1.10.x | | uv | `uv` | v0 | +| {% ifversion dependabot-vcpkg-support %} | +| vcpkg | `vcpkg` | Not applicable | +| {% endif %} | | yarn | `npm` | v1, v2, v3, v4 | ## `pull-request-branch-name.separator` {% octicon "versions" aria-label="Version updates" height="24" %} {% octicon "shield-check" aria-label="Security updates" height="24" %} diff --git a/data/features/dependabot-vcpkg-support.yml b/data/features/dependabot-vcpkg-support.yml new file mode 100644 index 0000000000..6bb39919a2 --- /dev/null +++ b/data/features/dependabot-vcpkg-support.yml @@ -0,0 +1,6 @@ +# Reference: #19113 +# vcpkg support for Dependabot +versions: + fpt: '*' + ghec: '*' + ghes: '>= 3.20' diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index 95f05a58a3..619a7d9cf9 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md @@ -35,6 +35,9 @@ poetry | `pip` | v1 | {% octicon "check" aria-l [Swift](#swift) | `swift` | v5 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} (git only) | {% octicon "x" aria-label="Not supported" %} | [Terraform](#terraform) | `terraform` | >= 0.13, <= 1.10.x | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | Not applicable | uv | `uv` | v0 | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | Not applicable | +| {% ifversion dependabot-vcpkg-support %} | +[vcpkg](#vcpkg) | `vcpkg` | Not applicable | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | Not applicable | +| {% endif %} | [yarn](#yarn) | `npm` | v1, v2, v3 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %}| > [!TIP] @@ -161,6 +164,14 @@ Terraform support includes: * Terraform providers. * Private Terraform Registry. You can configure access for private git repositories by specifying a git registry in your `dependabot.yml` file. For more information, see [`git`](/code-security/dependabot/working-with-dependabot/configuring-access-to-private-registries-for-dependabot#git). +{% ifversion dependabot-vcpkg-support %} + +#### vcpkg + +vcpkg support includes updating the `builtin-baseline` commit SHA from the vcpkg ports repository in your `vcpkg.json` manifest file. For more information visit the [`microsoft/vcpkg` repository](https://github.com/microsoft/vcpkg) on {% data variables.product.prodname_dotcom_the_website %} and see [What is manifest mode?](https://learn.microsoft.com/vcpkg/concepts/manifest-mode) in the Microsoft documentation. + +{% endif %} + #### yarn Dependabot supports vendored dependencies for v2 onwards.