diff --git a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md index 4aaf8aafb6..dd08f7eb28 100644 --- a/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md +++ b/content/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file.md @@ -1022,6 +1022,33 @@ updates: versioning-strategy: increase-if-necessary ``` +{% ifversion dependabot-updates-supported-versioning-tags %} + +### Versioning tags + +* Represent stages in the software release lifecycle, such as alpha, beta, and stable versions. +* Allow publishers to distribute their packages more effectively. +* Indicate the stability of a version and communicate what users should expect in terms of features and stability. + +{% data reusables.dependabot.dependabot-updates-supported-versioning-tags %} + +#### Versioning tag glossary + +* **`alpha`**: Early version, may be unstable and have incomplete features. +* **`beta`**: More stable than alpha but may still have bugs. +* **`canary`**: Regularly updated pre-release version for testing. +* **`dev`**: Represents development versions. +* **`experimental`**: Versions with experimental features. +* **`latest`**: The latest stable release. +* **`legacy`**: Older or deprecated versions. +* **`next`**: Upcoming release version. +* **`nightly`**: Versions built nightly; often includes the latest changes. +* **`rc`**: Release candidate, close to stable release. +* **`release`**: The official release version. +* **`stable`**: The most reliable, production-ready version. + +{% endif %} + ## Configuration options for private registries The top-level `registries` key is optional. It allows you to specify authentication details that {% data variables.product.prodname_dependabot %} can use to access private package registries. diff --git a/data/features/dependabot-updates-supported-versioning-tags.yml b/data/features/dependabot-updates-supported-versioning-tags.yml new file mode 100644 index 0000000000..fb4f7cccbd --- /dev/null +++ b/data/features/dependabot-updates-supported-versioning-tags.yml @@ -0,0 +1,6 @@ +# Reference: #16090 +# Add versioning tag details to Dependabot docs +versions: + fpt: '*' + ghec: '*' + ghes: '> 3.14' diff --git a/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md b/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md new file mode 100644 index 0000000000..8c6d05c7a7 --- /dev/null +++ b/data/reusables/dependabot/dependabot-updates-supported-versioning-tags.md @@ -0,0 +1,12 @@ +{% data variables.product.prodname_dependabot %} recognizes a variety of versioning tags for pre-releases, stable versions, and custom tags across different ecosystems. + +The `dependabot.yml` file doesn't control the versioning tags that you can use, but you can define in configuration options such as [`ignore`](/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#ignore) the supported versioning tags you want to ignore updates for. + +#### Supported versioning tags + +| **Package Manager** | **YAML value** | **Supported Tags** | **Examples** | +|---------------------|-------------------|--------------------------------------------------------------------------------------------------------------------|-------------------------------------------| +| Maven | `maven` | `alpha, a, beta, b, milestone, m, rc, cr, sp, ga, final, release, snapshot` | `spring-security-web@5.6.0-SNAPSHOT`, `spring-core@5.2.0.RELEASE` | +| npm | `npm` | `alpha`, `beta`, `canary`, `dev`, `experimental`, `latest`, `legacy`, `next`, `nightly`, `rc`, `release`, `stable` | `lodash@beta`, `react@latest`, `express@next` | | +| pnpm | `npm` | `alpha`, `beta`, `canary`, `dev`, `experimental`, `latest`, `legacy`, `next`, `nightly`, `rc`, `release`, `stable` | `lodash@1.2.0-alpha`, `react@alpha`, `vue@next` | +| yarn | `npm` | `alpha`, `beta`, `canary`, `dev`, `experimental`, `latest`, `legacy`, `next`, `nightly`, `rc`, `release`, `stable` | `lodash@1.2.0-alpha`, `axios@latest`, `moment@nightly` |