add mention of Dependabot supported ecosystems

This commit is contained in:
Sarita Iyer 2022-06-16 11:28:44 -04:00
Родитель 0f4c534b1a
Коммит 36de6c9709
1 изменённых файлов: 1 добавлений и 1 удалений

Просмотреть файл

@ -2,4 +2,4 @@ The Dependency submission API lets you submit dependencies for a project. This e
The dependency graph shows any dependencies you submit using the API in addition to any dependencies that are identified from manifest or lock files in the repository (for example, a `package-lock.json` file in a JavaScript project). For more information about viewing the dependency graph, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph)." The dependency graph shows any dependencies you submit using the API in addition to any dependencies that are identified from manifest or lock files in the repository (for example, a `package-lock.json` file in a JavaScript project). For more information about viewing the dependency graph, see "[Exploring the dependencies of a repository](/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph)."
Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %}, {% data variables.product.prodname_dependabot_security_updates %} and {% data variables.product.prodname_dependabot_version_updates %} for any known vulnerabilities. Submitted dependencies will not be surfaced in dependency review or your organization's dependency insights. Submitted dependencies will receive {% data variables.product.prodname_dependabot_alerts %}, {% data variables.product.prodname_dependabot_version_updates %} and {% data variables.product.prodname_dependabot_security_updates %} for any known vulnerabilities. You will only get {% data variables.product.prodname_dependabot_alerts %} for dependencies that are from one of the [supported ecosystems](https://github.com/github/advisory-database#supported-ecosystems) of the {% data variables.product.prodname_advisory_database %}. Submitted dependencies will not be surfaced in dependency review or your organization's dependency insights.