-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Dependabot version updates: support for private registries (Cloud Beta) #67
Labels
all
Product SKU: All
cloud
Available on Cloud
dependabot
Feature: GitHub Dependabot
preview
Feature phase: Preview
shipped
Shipped
Comments
github-product-roadmap
added
all
Product SKU: All
preview
Feature phase: Preview
cloud
Available on Cloud
security & compliance
labels
Jul 24, 2020
github-product-roadmap
changed the title
Dependabot support for private registries
Dependabot version updates: support for private registries (Cloud Beta)
Sep 9, 2020
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
all
Product SKU: All
cloud
Available on Cloud
dependabot
Feature: GitHub Dependabot
preview
Feature phase: Preview
shipped
Shipped
Summary
Dependabot support for private registries allows users to keep private packages secure by opening pull requests to update the packages' dependencies to the latest version.
Intended Outcome
Keep private package dependencies up to date and vulnerability-free.
How will it work?
Today, Dependabot Version Updates updates the packages you rely on to newer versions, even if the version on which you currently rely doesn't have any (known) vulnerabilities. Support for private registries allows users to configure which private registries they are using, and supply credentials for those, to allow Dependabot to update those packages' dependencies.
The text was updated successfully, but these errors were encountered: