jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-21 02:46:50 -05:00
Code Issues Projects Releases Wiki Activity

add clarification before ecosystem table

Browse Source
This commit is contained in:
mchammer01
2021-03-08 10:11:37 +00:00
parent 32fa4af4b2
commit df90ed6bc6
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
content/github/visualizing-repository-data-with-graphs/about-the-dependency-graph.md
View File

@@ -64,6 +64,9 @@ When the dependency graph is first enabled, any manifest and lock files for supp
The recommended formats explicitly define which versions are used for all direct and all indirect dependencies. If you use these formats, your dependency graph is more accurate. It also reflects the current build set up and enables the dependency graph to report vulnerabilities in both direct and indirect dependencies.{% if currentVersion == "free-pro-team@latest" %} Indirect dependencies that are inferred from a manifest file (or equivalent) are excluded from the checks for vulnerable dependencies.{% endif %}
{% if currentVersion == "free-pro-team@latest" %}The ecosystems listed below are supported for the dependency graph, {% data variables.product.prodname_dependabot_alerts %}, and {% data variables.product.prodname_dependabot_security_updates %}.{% endif %}
{% if currentVersion ver_gt "enterprise-server@2.21" %}The ecosystems listed below are supported for the dependency graph and {% data variables.product.prodname_dependabot_alerts %}.{% endif %}
| Package manager | Languages | Recommended formats | All supported formats |
| --- | --- | --- | ---|
| Composer | PHP | `composer.lock` | `composer.json`, `composer.lock` |