Adds dependabot actions support (#32815)

2022-11-23 21:20:39 +01:00 · 2022-11-23 21:20:39 +01:00 · 4e0d5f63b1
--- a/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md
+++ b/content/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates.md
@ -50,6 +50,8 @@ You can enable a related feature, {% data variables.product.prodname_dependabot_

 {% data reusables.dependabot.dependabot-updates-and-actions %}

+{% data reusables.dependabot.dependabot-actions-support %}
+
 ## About pull requests for security updates

 Each pull request contains everything you need to quickly and safely review and merge a proposed fix into your project. This includes information about the vulnerability like release notes, changelog entries, and commit details. Details of which vulnerability a pull request resolves are hidden from anyone who does not have access to {% data variables.product.prodname_dependabot_alerts %} for the repository.
--- a/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md
+++ b/content/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security.md
@ -104,6 +104,12 @@ The term "{% data variables.product.prodname_dependabot %}" encompasses the foll

 {% endif %}

+{% ifversion dependabot-actions-support %}
+
+{% data reusables.dependabot.dependabot-actions-support %} For more information, see "[About {% data variables.product.prodname_dependabot_security_updates %}](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates)."
+
+{% endif %}
+
 #### What are Dependabot alerts

 {% data variables.product.prodname_dependabot_alerts %} highlight repositories affected by a newly discovered vulnerability based on the dependency graph and the {% data variables.product.prodname_advisory_database %}, which contains advisories for known vulnerabilities{% ifversion GH-advisory-db-supports-malware %} and malware{% endif %}. 
--- a/data/features/dependabot-actions-support.yml
+++ b/data/features/dependabot-actions-support.yml
@ -0,0 +1,4 @@
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '>3.7'
--- a/data/reusables/dependabot/dependabot-actions-support.md
+++ b/data/reusables/dependabot/dependabot-actions-support.md
@ -0,0 +1 @@
+{% ifversion dependabot-actions-support %}{% data variables.product.prodname_dependabot_security_updates %} can fix vulnerable dependencies in {% data variables.product.prodname_actions %}. When security updates are enabled, {% data variables.product.prodname_dependabot %} will automatically raise a pull request to update vulnerable {% data variables.product.prodname_actions %} used in your workflows to the minimum patched version.{% endif %}
				`@ -0,0 +1 @@`
				`{% ifversion dependabot-actions-support %}{% data variables.product.prodname_dependabot_security_updates %} can fix vulnerable dependencies in {% data variables.product.prodname_actions %}. When security updates are enabled, {% data variables.product.prodname_dependabot %} will automatically raise a pull request to update vulnerable {% data variables.product.prodname_actions %} used in your workflows to the minimum patched version.{% endif %}`