Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot version updates: support for private registries (Cloud Beta) #67

Closed
github-product-roadmap opened this issue Jul 24, 2020 · 2 comments
Closed

Dependabot version updates: support for private registries (Cloud Beta) #67

github-product-roadmap opened this issue Jul 24, 2020 · 2 comments
Labels
all Product SKU: All cloud Available on Cloud dependabot Feature: GitHub Dependabot preview Feature phase: Preview shipped Shipped

Comments

@github-product-roadmap
Copy link
Collaborator

github-product-roadmap commented Jul 24, 2020
edited
Loading

Summary
Dependabot support for private registries allows users to keep private packages secure by opening pull requests to update the packages' dependencies to the latest version.

Intended Outcome
Keep private package dependencies up to date and vulnerability-free.

How will it work?
Today, Dependabot Version Updates updates the packages you rely on to newer versions, even if the version on which you currently rely doesn't have any (known) vulnerabilities. Support for private registries allows users to configure which private registries they are using, and supply credentials for those, to allow Dependabot to update those packages' dependencies.
@github github locked and limited conversation to collaborators Jul 24, 2020
@github-product-roadmap github-product-roadmap added all Product SKU: All preview Feature phase: Preview cloud Available on Cloud security & compliance labels Jul 24, 2020
@github-product-roadmap github-product-roadmap changed the title Dependabot support for private registries Dependabot version updates: support for private registries (Cloud Beta) Sep 9, 2020
@alexcnichols alexcnichols added the shipped Shipped label Dec 4, 2020
@alexcnichols
Copy link
Contributor

https://github.blog/changelog/2020-12-02-dependabot-version-updates-from-private-github-repositories/

@alexcnichols alexcnichols reopened this Dec 8, 2020
@alexcnichols alexcnichols removed the shipped Shipped label Dec 8, 2020
@Sid-ah Sid-ah added the shipped Shipped label Mar 16, 2021
@Sid-ah
Copy link
Contributor

Sid-ah commented Mar 16, 2021

https://github.blog/changelog/2021-03-15-dependabot-private-registry-support-public-beta/

@Sid-ah Sid-ah closed this as completed Mar 16, 2021
@Sid-ah Sid-ah added the dependabot Feature: GitHub Dependabot label Sep 27, 2021
@Sid-ah Sid-ah moved this from Q2 2021 – Apr-Jun to Q1 2021 – Jan-Mar in 📣 GitHub public roadmap - updates coming Nov 2024 📣 Oct 8, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
all Product SKU: All cloud Available on Cloud dependabot Feature: GitHub Dependabot preview Feature phase: Preview shipped Shipped
Projects
📣 GitHub public roadmap - updates coming Nov 2024 📣
Archived in project
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Sid-ah @alexcnichols @github-product-roadmap