Hide Dependabot cooldown option from GHES documents (#58014)
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
This commit is contained in:
Tomoko Tanaka
@@ -58,6 +58,8 @@ updates:
|
|||||||
|
|
||||||
See also [schedule](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#schedule-).
|
See also [schedule](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#schedule-).
|
||||||
|
|
||||||
|
{% ifversion dependabot-option-cooldown %}
|
||||||
|
|
||||||
### Setting up a cooldown period for dependency updates
|
### Setting up a cooldown period for dependency updates
|
||||||
|
|
||||||
You can use `cooldown` with a combination of options to control when {% data variables.product.prodname_dependabot %} creates pull requests for **version updates**.
|
You can use `cooldown` with a combination of options to control when {% data variables.product.prodname_dependabot %} creates pull requests for **version updates**.
|
||||||
@@ -102,6 +104,8 @@ SemVer is supported for most package managers. Updates to new versions for depen
|
|||||||
|
|
||||||
See also [`cooldown`](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#cooldown-).
|
See also [`cooldown`](/code-security/dependabot/working-with-dependabot/dependabot-options-reference#cooldown-).
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
## Prioritizing meaningful updates
|
## Prioritizing meaningful updates
|
||||||
|
|
||||||
You can use `groups` to consolidate updates for multiple dependencies into a single pull request. This helps you focus your review time on higher risk updates, and minimize the time spent reviewing minor version updates. For example, you can combine updates for minor or patch updates for development dependencies into a single pull request, and have a dedicated group for security or version updates that impact a key area of your codebase.
|
You can use `groups` to consolidate updates for multiple dependencies into a single pull request. This helps you focus your review time on higher risk updates, and minimize the time spent reviewing minor version updates. For example, you can combine updates for minor or patch updates for development dependencies into a single pull request, and have a dedicated group for security or version updates that impact a key area of your codebase.
|
||||||
|
|||||||
@@ -167,6 +167,8 @@ Supported by: `bundler`, `composer`, `mix`, `maven`, `npm`, and `pip`.
|
|||||||
* Supports only the value `scope`
|
* Supports only the value `scope`
|
||||||
* When defined any prefix is followed by the type of dependencies updated in the commit: `deps` or `deps-dev`.
|
* When defined any prefix is followed by the type of dependencies updated in the commit: `deps` or `deps-dev`.
|
||||||
|
|
||||||
|
{% ifversion dependabot-option-cooldown %}
|
||||||
|
|
||||||
## `cooldown` {% octicon "versions" aria-label="Version updates" height="24" %}
|
## `cooldown` {% octicon "versions" aria-label="Version updates" height="24" %}
|
||||||
|
|
||||||
Defines a **cooldown period** for dependency updates, allowing updates to be delayed for a configurable number of days.
|
Defines a **cooldown period** for dependency updates, allowing updates to be delayed for a configurable number of days.
|
||||||
@@ -234,6 +236,8 @@ The table below shows the package managers for which SemVer is supported.
|
|||||||
> * If `semver-major-days`, `semver-minor-days`, or `semver-patch-days` are not defined, the `default-days` settings will take precedence for cooldown-based updates.
|
> * If `semver-major-days`, `semver-minor-days`, or `semver-patch-days` are not defined, the `default-days` settings will take precedence for cooldown-based updates.
|
||||||
> * The `exclude` list always take precedence over the `include` list. If a dependency is specified in both lists, it is **excluded from cooldown** and will be updated immediately.
|
> * The `exclude` list always take precedence over the `include` list. If a dependency is specified in both lists, it is **excluded from cooldown** and will be updated immediately.
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
|
|
||||||
## `directories` or `directory` {% octicon "versions" aria-label="Version updates" height="24" %} {% octicon "shield-check" aria-label="Security updates" height="24" %}
|
## `directories` or `directory` {% octicon "versions" aria-label="Version updates" height="24" %} {% octicon "shield-check" aria-label="Security updates" height="24" %}
|
||||||
|
|
||||||
**Required option**. Use to define the location of the package manifests for each package manager (for example, the _package.json_ or _Gemfile_). Without this information {% data variables.product.prodname_dependabot %} cannot create pull requests for version updates. For examples, see [Defining multiple locations for manifest files](/code-security/dependabot/dependabot-version-updates/controlling-dependencies-updated#defining-multiple-locations-for-manifest-files).
|
**Required option**. Use to define the location of the package manifests for each package manager (for example, the _package.json_ or _Gemfile_). Without this information {% data variables.product.prodname_dependabot %} cannot create pull requests for version updates. For examples, see [Defining multiple locations for manifest files](/code-security/dependabot/dependabot-version-updates/controlling-dependencies-updated#defining-multiple-locations-for-manifest-files).
|
||||||
|
|||||||
6
data/features/dependabot-option-cooldown.yml
Normal file
6
data/features/dependabot-option-cooldown.yml
Normal file
@@ -0,0 +1,6 @@
|
|||||||
|
# References:
|
||||||
|
# Issue #19055 - Dependabot updates ecosystem support [GA]
|
||||||
|
versions:
|
||||||
|
fpt: '*'
|
||||||
|
ghec: '*'
|
||||||
|
ghes: '>3.19'
|
||||||
Reference in New Issue
Block a user