jprdonnelly/docs
1
0
Fork 0
mirror of synced 2025-12-31 15:04:15 -05:00
Code Issues Projects Releases Wiki Activity
39,563 Commits 28 Branches 1 Tag
75eea7686ea985f7efa03e2d1bc215dbcbc73adf
Commit Graph

79 Commits

Author SHA1 Message Date
Annie Streater
48914bc50e Remove footnotes (#36166) 
Co-authored-by: streats <streats@users.noreply.github.comgit config --global user.emailgit config --global user.email streats@users.noreply.github.comgit config --global user.name>
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-20 13:32:32 +00:00
Anne-Marie
51157ddd8c [2023-04-13]: Dependabot supports release notes and changelogs for Docker images - [GA] #9966 (#36108) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-13 17:23:11 +00:00
Sophie
2606cafce4 [2023-04-13]: 30 day cutoff for Dependabot Pull Request Rebases - [GA] (#36022) 2023-04-13 16:46:23 +00:00
Christopher Virtucio
07f7e92e8c Mention dependency name for docker image tags (#24736) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-04-04 13:17:33 +00:00
mc
db9b6f14b4 Clarify behavior of insecure-external-code-execution=allow when access to private registries is defined (#36069) 
Co-authored-by: Kitty Chiu <42864823+KittyChiu@users.noreply.github.com>
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: David McIntosh <804610+mctofu@users.noreply.github.com>
 2023-04-03 07:57:46 +00:00
Dale Mckeown
f441f327e6 Updates docs to help NuGet users (#24557) 2023-03-28 14:48:54 +00:00
Anne-Marie
949c313513 [2023-03-31] Make images accessible in the images/help/dependabot directory #9521 (#35341) 2023-03-13 11:15:39 +00:00
Sophie
97600f0606 [Improvement]: Tell GHES admins that they can download the latest Dependabot action to get better ecosystem support (#33659) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-02-20 08:47:29 +00:00
Hector Alfaro
4cd28fd735 Remove support for miniTocMaxHeadingLevel (#34758) 2023-02-17 16:29:02 +00:00
Peter Bengtsson
b7c7dbf672 Update all internal links (#34787) 2023-02-15 15:16:18 +00:00
Anne-Marie
58e55dd2cc [Improvement]: Clarify syntax for defining a version range to ignore in dependabot.yml #9285 (#34553) 2023-02-10 10:38:31 +00:00
mc
6d491ef9f7 Rework the improve manage encrypted secrets dependabot article (#34096) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-02-07 20:47:22 +00:00
André Schröder
47617bea3b Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-01-17 23:31:00 +01:00
André Schröder
4b1ab1e649 such as -> that is 2023-01-17 23:27:03 +01:00
André Schröder
a94bd3f84d Merge branch 'main' into feat/document-dependabot-prefix 2023-01-17 23:24:33 +01:00
Sean Killeen
498107c24e Fix "low hanging fruit" spelling errors (#23216) 2023-01-17 19:30:29 +00:00
mc
c664161729 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2023-01-16 14:23:54 +00:00
mc
61446f056e [Ready for merging - 2023-01-12] - Pausing / unpausing Dependabot updates and related notifications (#33379) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Erin Havens <erinhav@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
 2023-01-12 17:40:37 +00:00
David McIntosh
c87259c404 Dependabot supports gomod indirect dependency filtering (#33884) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2023-01-12 10:27:15 +00:00
André Schröder
f8cd135f20 make it more clear that a scope follows after "Composer" 2023-01-10 23:35:26 +01:00
André Schröder
64cbb8711d fix concern: add suggested sentence 2023-01-10 23:35:22 +01:00
mc
2b9b5cf174 Merge branch 'main' into feat/document-dependabot-prefix 2023-01-09 14:33:14 +00:00
mc
dc541ae874 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2023-01-09 14:17:48 +00:00
Anne-Marie
ce4065413a [Improvement]: make pricing model clearer for Dependabot #6770 (#33305) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2023-01-03 06:30:02 +00:00
André Schröder
e1cef5e7d5 Document behavior of prefix in dependabot.yml 
It would have been helpful to me if the documentation was more
straight-forward about that a `:` is appended to the commit title by
default and how to disable that the `:` is appended.

For reference, here is the implementation:
06702c83e5/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb (L75-L83)
 2022-12-28 13:53:41 +01:00
Sophie
48524a0a7d [2022-12-13]: Dependabot does not access public registries when the user has configured private registries - [GA] (#33310) 
Co-authored-by: Jake Coffman <jakecoffman@github.com>
Co-authored-by: Anne-Marie  <102995847+am-stead@users.noreply.github.com>
Co-authored-by: Nish Sinha <nishnha@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Ankit Honey <honeyankit@github.com>
 2022-12-13 19:22:06 +00:00
mc
06667bb26e Describe how Dependabot chooses to rebase pull requests (#32993) 2022-11-29 17:19:08 +00:00
Anne-Marie
f7d1ef5023 [2022-11-23]: Dependabot support for private Hex repositories - [GA] #8667 (#32661) 
Co-authored-by: Landon Grindheim <landon.grindheim@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-11-23 20:08:16 +00:00
Mattt
600d45f482 Update to new limit for Dependabot commit message prefix (#32363) 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-11-18 17:12:47 +00:00
Jules
fff651b887 Dependabot version updates for forks (#32271) 
Co-authored-by: github-actions <github-actions@github.com>
 2022-11-07 17:50:37 +00:00
Rachael Sewell
3e998f61d5 use azure blob storage for archived enterprise versions (#31883) 
Co-authored-by: Laura Coursen <lecoursen@github.com>
Co-authored-by: mchammer01 <42146119+mchammer01@users.noreply.github.com>
 2022-10-25 12:03:38 -07:00
Anne-Marie
c0859e564a [2022-10-24]: Dependabot Updates supporting the increase-if-necessary versioning strategy for Python - [GA] #8372 (#31944) 2022-10-24 18:33:39 +00:00
Anne-Marie
0e03452f9c [2022-10-20]: Dependabot updates for Yarn v3 - [GA] (#31471) 
Co-authored-by: Jurre <jurre@github.com>
 2022-10-20 16:24:05 +00:00
mc
90bac38ab1 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 2022-10-10 08:53:30 +01:00
Jeff Widman
97e82c0ca8 Cleanup docker registry docs 
Dependabot now supports:
1. Public AWS ECR: https://github.com/dependabot/dependabot-core/issues/4212
2. Microsoft Azure Container Registry: https://github.com/dependabot/dependabot-core/issues/3689
3. Any registry that uses HTTP Basic Auth instead of the OCI-spec-compliant central token service: https://github.com/dependabot/dependabot-core/issues/3689#issuecomment-1272037775

So now that we support all the major docker/container registry providers, there's no need to individually list them... this way we don't have folks wondering "my registry wasn't explicitly listed, is it supported?"

So switch to mention the two authentication schemes that we support and leave it at that.

Note: I left the `ecr-docker` example, as that is a one-off workaround we added to our internal code a long time ago because ECR isn't OCI compliant. So still needs the custom key to indicate the workaround should be used. Long term I hope ECR migrates to a more standard auth flow and we can eliminate that custom workaround, but they're not there yet.
 2022-10-07 14:02:45 -07:00
Christopher Kintner
82ed39fa01 note that dependabot.yml cannot be used to configure dependabot alerts (#31397) 
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
 2022-10-04 16:14:31 +00:00
mc
4cd7011c06 Update customizing-dependency-updates.md 2022-09-29 08:54:34 +01:00
mc
af0c7eea08 Update configuring-dependabot-version-updates.md 2022-09-29 08:48:52 +01:00
Isaac Brown
5bb464a343 Describe Actions usage for Dependabot (#30966) 
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
 2022-09-28 15:12:26 +01:00
mc
6f20df6e58 Merge branch 'main' into patch-5 2022-09-26 12:21:32 +01:00
mc
8e2fe3a971 Merge branch 'main' into update-docker-registry-note 2022-09-23 08:41:16 +01:00
mc
88dcb0b13e Apply suggestions from code review 2022-09-23 08:31:24 +01:00
mc
f027de12c2 Apply suggestions from code review 2022-09-23 08:14:26 +01:00
Tom Christensen
6f1a6f6fa7 Merge branch 'update-docker-registry-note' of https://github.com/pavera/docs into update-docker-registry-note 2022-09-22 19:32:58 +00:00
Tom Christensen
47839c164f Updating based on PR feedback 2022-09-22 19:29:40 +00:00
Jeff Widman
f0428d6f69 Switch schedule.interval in examples to weekly 
Almost all the examples previously had `daily`.

However, we've heard from users that this often creates a little too much noise, so we changed the default on the back end to weekly.

Since people often copy/paste examples from help docs, this updates the examples to use `"weekly"` as well.

The only examples I didn't change were for `schedule.interval`, for obvious reasons.
 2022-09-20 13:27:43 -07:00
Josh Johanning
068a4edcfb Fixing Azure DevOps NuGet Dependabot config examples (#20617) 2022-09-20 09:14:59 +00:00
LingMan
d99733d486 Explicitly call out that Dependabot only updates direct dependencies by default (#20684) 
Co-authored-by: Jules <19994093+jules-p@users.noreply.github.com>
 2022-09-20 09:02:43 +00:00
Tom Christensen
64b32250e7 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 
Co-authored-by: Jeff Widman <jeff@jeffwidman.com>
 2022-09-19 11:14:56 -06:00
Tom Christensen
ae744b46f5 Update content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md 
Co-authored-by: Jeff Widman <jeff@jeffwidman.com>
 2022-09-19 11:13:59 -06:00