Skip to content

Commit 1d2030a

Browse files
authored
Update information on support by Dependabot version updates for Pub as it moves from beta to GA (github#28047)
1 parent 1af2311 commit 1d2030a

File tree

2 files changed

+9
-5
lines changed

2 files changed

+9
-5
lines changed

content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ You must store this file in the `.github` directory of your repository. When you
3333

3434
Any options that also affect security updates are used the next time a security alert triggers a pull request for a security update. For more information, see "[Configuring {% data variables.product.prodname_dependabot_security_updates %}](/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/configuring-dependabot-security-updates)."
3535

36-
The *dependabot.yml* file has two mandatory top-level keys: `version`, and `updates`. You can, optionally, include a top-level `registries` key{% ifversion fpt or ghec or ghes > 3.4 %} and/or a `enable-beta-ecosystems` key{% endif %}. The file must start with `version: 2`.
36+
The *dependabot.yml* file has two mandatory top-level keys: `version`, and `updates`. You can, optionally, include a top-level `registries` key{% ifversion ghes = 3.5 %} and/or a `enable-beta-ecosystems` key{% endif %}. The file must start with `version: 2`.
3737

3838
## Configuration options for the *dependabot.yml* file
3939

@@ -976,8 +976,9 @@ By default, {% data variables.product.prodname_dependabot %} updates the depende
976976
977977
version: 2
978978
enable-beta-ecosystems: true
979-
updates:
980-
- package-ecosystem: "pub"
979+
updates:{% ifversion fpt or ghec or ghes > 3.5 %}
980+
- package-ecosystem: "beta-ecosystem"{% else %}
981+
- package-ecosystem: "pub"{% endif %}
981982
directory: "/"
982983
schedule:
983984
interval: "daily"

data/reusables/dependabot/supported-package-managers.md

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -39,8 +39,11 @@ yarn | `npm` | v1 | **✓** | **✓** | |
3939

4040
[3] {% data variables.product.prodname_dependabot %} doesn't run the NuGet CLI but does support most features up until version 4.8.
4141

42-
{% ifversion fpt or ghec or ghes > 3.4 %}[4] `pub` support is currently in beta. Any known limitations are subject to change. Note that {% data variables.product.prodname_dependabot %}:
42+
{% ifversion fpt or ghec or ghes > 3.4 %}
43+
[4] {% ifversion ghes = 3.5 %}`pub` support is currently in beta. Any known limitations are subject to change. Note that {% data variables.product.prodname_dependabot %}:
4344
- Doesn't support updating git dependencies for `pub`.
4445
- Won't perform an update when the version that it tries to update to is ignored, even if an earlier version is available.
4546

46-
For information about configuring your _dependabot.yml_ file for `pub`, see "[Enabling support for beta-level ecosystems](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#enable-beta-ecosystems)." {% endif %}
47+
For information about configuring your _dependabot.yml_ file for `pub`, see "[Enabling support for beta-level ecosystems](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#enable-beta-ecosystems)."
48+
{%- else %}{% data variables.product.prodname_dependabot %} won't perform an update for `pub` when the version that it tries to update to is ignored, even if an earlier version is available.{% endif %}
49+
{% endif %}

0 commit comments

Comments
 (0)