New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Clarify what all sources are supported for Terraform Dependency Updates #8419
Comments
Thanks for opening this issue. A GitHub docs team member should be by to give feedback soon. In the meantime, please check out the contributing guidelines. |
@captn3m0 Thanks so much for opening an issue! I'll triage this for the team to take a look 👀 |
@captn3m0 👋🏻 Dependabot can be used to manage version updates for dependencies that are stored in GitHub. You can also include a If you need to access dependencies in git hosted on other services, like GitLab and BitBucket, you can add the |
A note about Mercurial repos and S3 buckets not being supported would be nice. |
I'm out of time today, but will come back to this issue and suggest a change to the docs to make this clearer when I get an opportunity. It's difficult to get the right balance in keeping a readable table as well as providing detailed information. |
I've updated the issue summary with the information from our discussions and a plan for content changes to make the support clearer. I've also added a note to an internal issue so that when we next refactor these articles, we take your full feedback into account. |
What article on docs.github.com is affected?
https://docs.github.com/en/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/configuration-options-for-dependency-updates
What part(s) of the article would you like to see updated?
Terraform section.
Additional information
Terraform supports the following sources:
Out of these, it is very unclear which all are supported by Dependabot.
Update following discussion below
Answer
For anyone else with the same question, the answer was:
Content design plan
"Supported repositories and ecosystems" section of About Dependabot version updates
#vendor
anchor and also the#registries
anchor."
package-ecosystem
" section of Configuration options for dependency updatesvendor
mentioning private registries and linking toregistries
."Configuration options for private registries" section of Configuration options for dependency updates
type
ofgit
and linking togit
.The text was updated successfully, but these errors were encountered: