jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-23 03:44:00 -05:00
Code Issues Projects Releases Wiki Activity

add reusable file and reusable to articles

Browse Source
This commit is contained in:
mchammer01
2021-02-09 14:33:36 +00:00
parent 1948e4b717
commit c17b586b80
3 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
content/github/administering-a-repository/about-dependabot-version-updates.md
View File

@@ -22,6 +22,8 @@ When {% data variables.product.prodname_dependabot %} identifies an outdated dep
If you enable security updates, {% data variables.product.prodname_dependabot %} also raises pull requests to update vulnerable dependencies. For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/github/managing-security-vulnerabilities/about-dependabot-security-updates)."
{% data reusables.dependabot.pull-request-security-vs-version-updates %}
{% data reusables.dependabot.dependabot-tos %}
### Frequency of {% data variables.product.prodname_dependabot %} pull requests

4
content/github/managing-security-vulnerabilities/about-dependabot-security-updates.md
View File

@@ -22,6 +22,10 @@ The {% data variables.product.prodname_dependabot_security_updates %} feature is
{% endnote %}
If you enable version updates, {% data variables.product.prodname_dependabot %} will raise pull requests to update the manifest to the latest version of the dependency, whenever it detects an outdated dependency. For more information, see "[About {% data variables.product.prodname_dependabot %} version updates](/github/administering-a-repository/about-dependabot-version-updates)."
{% data reusables.dependabot.pull-request-security-vs-version-updates %}
### About pull requests for security updates
Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository.

3
data/reusables/dependabot/pull-request-security-vs-version-updates.md Normal file
View File

@@ -0,0 +1,3 @@
When {% data variables.product.prodname_dependabot %} raises a pull requests, the location in {% data variables.product.prodname_dotcom %} you should go to depends on whether the pull request was raised for version updates or security updates:
- For version updates, nagivate to your _dependabot.yml_ file (in the `.github` directory of your repository), and look at the results in the Insights tab (under Dependencies).
- For security updates, navigate to the Security tab for your repository, and click **Dependabot alerts** on the left sidebar.