André Schröder
|
e1cef5e7d5
|
Document behavior of prefix in dependabot.yml
It would have been helpful to me if the documentation was more
straight-forward about that a `:` is appended to the commit title by
default and how to disable that the `:` is appended.
For reference, here is the implementation:
06702c83e5/common/lib/dependabot/pull_request_creator/pr_name_prefixer.rb (L75-L83)
|
2022-12-28 13:53:41 +01:00 |
|
Bryan Dragon
|
3aa94f4ab5
|
Adjust language in global security advisories intro
|
2022-12-27 12:33:55 -06:00 |
|
mc
|
c03a6e0cf8
|
Create new yml file for secret scanning variables that aren't products (take 3) (#33609)
|
2022-12-16 10:02:43 +00:00 |
|
mc
|
7a9debdca4
|
[December 15, 2022] - Secret Scanning Experience for Free Public Repos (Public Beta) (#32702)
Co-authored-by: Sophie <29382425+sophietheking@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Aakash Shah <aashah@github.com>
Co-authored-by: amstead <am-stead@github.com>
Co-authored-by: Mariam <15mariams@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
|
2022-12-15 16:28:55 +00:00 |
|
Sophie
|
8230cfc4b6
|
[2022-12-13]: Secret scanning: Enterprise level enablement REST API - [GA] (#32951)
|
2022-12-14 16:48:05 +00:00 |
|
Ben Ahmady
|
7de78ae574
|
Adds content for Single-repo enablement panel for security overview c… (#33437)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Kelly Arwine <kellyarwine@github.com>
|
2022-12-14 16:03:37 +00:00 |
|
Lucas Costi
|
30adcf1210
|
Add raw tags to Dependabot Actions code (#33534)
|
2022-12-14 02:01:43 +00:00 |
|
mc
|
502af8f776
|
Dependabot does not access public registries when the user has configured private registries - fix broken link (#33515)
|
2022-12-13 19:55:02 +00:00 |
|
Sophie
|
48524a0a7d
|
[2022-12-13]: Dependabot does not access public registries when the user has configured private registries - [GA] (#33310)
Co-authored-by: Jake Coffman <jakecoffman@github.com>
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
Co-authored-by: Nish Sinha <nishnha@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Ankit Honey <honeyankit@github.com>
|
2022-12-13 19:22:06 +00:00 |
|
Sophie
|
0b2879c18d
|
Merge branch 'main' into patch-1
|
2022-12-13 17:18:27 +01:00 |
|
Greg Mohler
|
5d1f58cc2d
|
fixed typo in adopting GHAS phase 4
|
2022-12-12 22:06:02 -05:00 |
|
Greg Mohler
|
b764d4bef1
|
fixed small typo in phase 1 description
|
2022-12-12 21:30:01 -05:00 |
|
mc
|
951ab5162c
|
Move variable relating to Dependency Review outside the product.yml file (#33443)
|
2022-12-12 15:13:44 +00:00 |
|
Sophie
|
5c91c070f3
|
[2022-12-06]: Secret scanning: Scan Issues body and comments [Public Beta] (#32933)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
Co-authored-by: Mariam <15mariams@github.com>
|
2022-12-08 20:40:52 +00:00 |
|
Sophie
|
3e8e699991
|
[Improvement]: Add sentence about required fields to "Creating a repository security advisory" (#32997)
|
2022-11-30 09:47:13 +00:00 |
|
Anne-Marie
|
6c3854a5f7
|
[2022-11-29]: Dependabot Alerts: Audit Log Improvements - [GA] #8657 (#32989)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Vanessa <vgrl@github.com>
|
2022-11-29 21:31:28 +00:00 |
|
mc
|
06667bb26e
|
Describe how Dependabot chooses to rebase pull requests (#32993)
|
2022-11-29 17:19:08 +00:00 |
|
Mariam
|
fc8b57e068
|
Update protecting-pushes-with-secret-scanning.md (#33024)
Co-authored-by: Grey Baker <greysteil@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-29 08:15:47 +00:00 |
|
Anne-Marie
|
b30878ebe6
|
[Improvement]: Look into adding dependency review enforcement to Best practices supply chain article #6586 (#32920)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-28 08:37:30 +00:00 |
|
Ben Ahmady
|
dac72908e8
|
Adds reusables and content to support public beta release of CodeQL for Kotlin (#32859)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
|
2022-11-25 08:47:15 +00:00 |
|
Sophie
|
80edcdbff4
|
[Improvement]: Secret scanning bypass reasons to alert reasons (#32855)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
|
2022-11-24 14:04:00 +00:00 |
|
Jules
|
4e0d5f63b1
|
Adds dependabot actions support (#32815)
|
2022-11-23 20:20:39 +00:00 |
|
Anne-Marie
|
f7d1ef5023
|
[2022-11-23]: Dependabot support for private Hex repositories - [GA] #8667 (#32661)
Co-authored-by: Landon Grindheim <landon.grindheim@gmail.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-23 20:08:16 +00:00 |
|
Zach Willard
|
34bc43e26b
|
Update configuring-dependabot-security-updates.md
This makes the documentation consistent with the example and the other page here: https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#open-pull-requests-limit
It could catch someone off-guard if they use the config option in the paragraph instead of the example.
|
2022-11-21 09:41:31 -06:00 |
|
Mattt
|
600d45f482
|
Update to new limit for Dependabot commit message prefix (#32363)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-18 17:12:47 +00:00 |
|
Pantelis
|
42c7d194b4
|
Update protecting-pushes-with-secret-scanning.md (#32693)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-18 11:58:21 +00:00 |
|
Xavier RENE-CORAIL
|
2ff4a43f0b
|
Update privately-reporting-a-security-vulnerability.md (#32689)
Co-authored-by: mc <42146119+mchammer01@users.noreply.github.com>
|
2022-11-17 09:15:56 +00:00 |
|
Markus Schulte
|
3203ecbc31
|
Warn to wait for checks if using Dependabot auto-merge (#21607)
|
2022-11-15 12:29:49 +00:00 |
|
Laura Coursen
|
c2aa10a61d
|
Best practices for repositories, organizations, and enterprises (#32102)
Co-authored-by: Matt Pollard <mattpollard@users.noreply.github.com>
|
2022-11-14 15:50:34 +00:00 |
|
Anne-Marie
|
f7ee79727d
|
[2022-11-14]: Dependency Review Action #7739 (#32208)
Co-authored-by: Courtney Claessens <courtneycl@github.com>
|
2022-11-14 14:46:01 +00:00 |
|
Felicity Chapman
|
094dff459f
|
'security overviews' -> 'the security overview' (#32553)
|
2022-11-12 17:19:01 +00:00 |
|
Felicity Chapman
|
b617c4a7a1
|
Improve comments for code security variables (#32445)
|
2022-11-11 09:31:37 +00:00 |
|
Rachael Rose Renk
|
7bbcd64067
|
Remove reference to Go CodeQL relocation (#32426)
Co-authored-by: Laura Coursen <lecoursen@github.com>
|
2022-11-10 18:55:50 +00:00 |
|
Courtney Wilson
|
9e636b0c4f
|
Merge branch 'main' into fix-typo-configuring-codeql-cli
|
2022-11-10 11:17:38 -06:00 |
|
Steven Maude
|
663f702366
|
Fix "creat issue" typo
In "Configuring private vulnerability reporting for a repository".
|
2022-11-10 10:54:57 +00:00 |
|
Mathias Rørvik
|
6da37f4817
|
fix typo codeql-cli docs
|
2022-11-09 19:25:57 +01:00 |
|
Jules
|
96b3b4b74c
|
Merge branch 'main' into universe-2022-megabranch
|
2022-11-08 07:46:59 +01:00 |
|
Jules
|
fff651b887
|
Dependabot version updates for forks (#32271)
Co-authored-by: github-actions <github-actions@github.com>
|
2022-11-07 17:50:37 +00:00 |
|
Jules
|
10383a1160
|
Merge branch 'main' into universe-2022-megabranch
|
2022-11-07 12:00:55 +01:00 |
|
Sophie
|
afa177191a
|
[2022-10-07]: Dependabot alerts to deprecate repository banners (i.e. "UI" notifications)- [GA] (#32274)
Co-authored-by: github-actions <github-actions@github.com>
|
2022-11-04 23:00:02 +00:00 |
|
Felicity Chapman
|
1f0ca08b60
|
Update security overview docs for new Risk and Coverage views (#32243)
|
2022-11-04 15:27:25 +00:00 |
|
Angela P Wen
|
75c3c90cb6
|
Gate Go autobuild description behind versioning flag (#32337)
Co-authored-by: Felicity Chapman <felicitymay@github.com>
|
2022-11-04 11:43:00 +00:00 |
|
Jules
|
d54632e994
|
Merge branch 'main' into universe-2022-megabranch
|
2022-11-04 09:51:19 +01:00 |
|
Sophie
|
824959efe7
|
Merge branch 'universe-2022-megabranch' into sophietheking-7880
|
2022-11-03 17:37:39 +01:00 |
|
mc
|
79fd7bb891
|
Improve docs about secret scanning notifications (#32199)
Co-authored-by: Anne-Marie <102995847+am-stead@users.noreply.github.com>
|
2022-11-03 11:24:34 +00:00 |
|
mc
|
42d5f37abd
|
Private vulnerability reporting (beta) (#32124)
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Felicity Chapman <felicitymay@github.com>
Co-authored-by: Robert Thorpe II <rthorpeii@github.com>
|
2022-11-03 09:43:32 +00:00 |
|
Laura Coursen
|
83728199b3
|
[Universe 2022] Displaying authentication token data for enterprise audit log events (GA) (#32213)
|
2022-11-02 13:24:14 -05:00 |
|
Jules
|
caf09e22c6
|
Merge branch 'main' into universe-2022-megabranch
|
2022-11-02 09:07:15 +01:00 |
|
Courtney Claessens
|
a9af58ef52
|
Update dependency graph processing limit (#32256)
|
2022-11-02 04:59:21 +00:00 |
|
Sophie
|
4c03c0c60b
|
adds more content
|
2022-11-01 18:24:37 +01:00 |
|