diff --git a/assets/images/help/repository/dependabot-alerts-closed.png b/assets/images/help/repository/dependabot-alerts-closed.png new file mode 100644 index 000000000000..f5687ae93fc3 Binary files /dev/null and b/assets/images/help/repository/dependabot-alerts-closed.png differ diff --git a/assets/images/help/repository/dependabot-alerts-select-closed-alert.png b/assets/images/help/repository/dependabot-alerts-select-closed-alert.png new file mode 100644 index 000000000000..33f9c3364f4a Binary files /dev/null and b/assets/images/help/repository/dependabot-alerts-select-closed-alert.png differ diff --git a/assets/images/help/repository/reopen-dismissed-alert.png b/assets/images/help/repository/reopen-dismissed-alert.png new file mode 100644 index 000000000000..07a1cd94959d Binary files /dev/null and b/assets/images/help/repository/reopen-dismissed-alert.png differ diff --git a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md index 4029faa7f6d1..ce51732a370f 100644 --- a/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md +++ b/content/code-security/supply-chain-security/managing-vulnerabilities-in-your-projects-dependencies/viewing-and-updating-vulnerable-dependencies-in-your-repository.md @@ -57,7 +57,7 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric 1. Optionally, if there isn't already a {% data variables.product.prodname_dependabot_security_updates %} update for the alert, to create a pull request to resolve the vulnerability, click **Create {% data variables.product.prodname_dependabot %} security update**. ![Create {% data variables.product.prodname_dependabot %} security update button](/assets/images/help/repository/create-dependabot-security-update-button-ungrouped.png) 1. When you're ready to update your dependency and resolve the vulnerability, merge the pull request. Each pull request raised by {% data variables.product.prodname_dependabot %} includes information on commands you can use to control {% data variables.product.prodname_dependabot %}. For more information, see "[Managing pull requests for dependency updates](/code-security/supply-chain-security/keeping-your-dependencies-updated-automatically/managing-pull-requests-for-dependency-updates#managing-dependabot-pull-requests-with-comment-commands)." -1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" drop-down, and click a reason for dismissing the alert. +1. Optionally, if the alert is being fixed, if it's incorrect, or located in unused code, select the "Dismiss" dropdown, and click a reason for dismissing the alert.{% if reopen-dependabot-alerts %} Unfixed dismissed alerts can be reopened later.{% endif %} ![Choosing reason for dismissing the alert via the "Dismiss" drop-down](/assets/images/help/repository/dependabot-alert-dismiss-drop-down-ungrouped.png) {% elsif ghes = 3.3 %} @@ -94,6 +94,22 @@ Each {% data variables.product.prodname_dependabot %} alert has a unique numeric ![Dismiss security banner](/assets/images/enterprise/3.0/dependabot-alert-dismiss.png) {% endif %} +{% if reopen-dependabot-alerts %} + +## Viewing and updating closed alerts + +{% data reusables.repositories.navigate-to-repo %} +{% data reusables.repositories.sidebar-security %} +{% data reusables.repositories.sidebar-dependabot-alerts %} +1. To just view closed alerts, click **Closed**. + ![Screenshot showing the "Closed" option](/assets/images/help/repository/dependabot-alerts-closed.png) +1. Click the alert that you would like to view or update. + ![Screenshot showing a highlighted dependabot alert](/assets/images/help/repository/dependabot-alerts-select-closed-alert.png) +2. Optionally, if the alert was dismissed and you wish to reopen it, click **Reopen**. + ![Screenshot showing the "Reopen" button](/assets/images/help/repository/reopen-dismissed-alert.png) + +{% endif %} + ## Further reading - "[About alerts for vulnerable dependencies](/code-security/supply-chain-security/about-alerts-for-vulnerable-dependencies)"{% ifversion fpt or ghec or ghes > 3.2 %} diff --git a/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md b/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md index 9810559b4228..37dbc4337d39 100644 --- a/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md +++ b/content/repositories/managing-your-repositorys-settings-and-features/managing-repository-settings/configuring-tag-protection-rules.md @@ -2,6 +2,7 @@ title: Configuring tag protection rules shortTitle: Configure tag rules intro: You can configure tag protection rules for your repository to prevent contributors from creating or deleting tags. +product: '{% data reusables.gated-features.tag-protection-rules %}' versions: fpt: '*' ghes: '>3.4' diff --git a/data/features/reopen-dependabot-alerts.yml b/data/features/reopen-dependabot-alerts.yml new file mode 100644 index 000000000000..f6ff7fa5970f --- /dev/null +++ b/data/features/reopen-dependabot-alerts.yml @@ -0,0 +1,6 @@ +# Reference 5861 +versions: + fpt: '*' + ghec: '*' + ghes: '>3.4' + ghae: 'issue-5861' diff --git a/data/reusables/gated-features/tag-protection-rules.md b/data/reusables/gated-features/tag-protection-rules.md new file mode 100644 index 000000000000..3f8d77437491 --- /dev/null +++ b/data/reusables/gated-features/tag-protection-rules.md @@ -0,0 +1 @@ +{% ifversion ghae %}Tag protection rules are available in internal and private repositories with {% data variables.product.prodname_ghe_managed %}, {% else%}Tag protection rules are available {% endif %}in public repositories with {% data variables.product.prodname_free_user %} and {% data variables.product.prodname_free_team %} for organizations, and in public and private repositories with {% data variables.product.prodname_pro %}, {% data variables.product.prodname_team %}, {% data variables.product.prodname_ghe_cloud %}, and {% data variables.product.prodname_ghe_server %}. {% ifversion fpt or ghec %}{% data reusables.gated-features.more-info %}{% endif %} diff --git a/package-lock.json b/package-lock.json index 675794f7ab21..5450c2fadc53 100644 --- a/package-lock.json +++ b/package-lock.json @@ -38,7 +38,7 @@ "hast-util-to-string": "^2.0.0", "hastscript": "^7.0.2", "helmet": "^4.6.0", - "highlight.js": "11.2.0", + "highlight.js": "11.4.0", "highlightjs-curl": "^1.3.0", "highlightjs-graphql": "^1.0.2", "hot-shots": "^9.0.0", @@ -4779,17 +4779,6 @@ "string-width": "^4.1.0" } }, - "node_modules/ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "optional": true, - "peer": true, - "engines": { - "node": ">=6" - } - }, "node_modules/ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -8216,20 +8205,6 @@ "node": ">=10.13.0" } }, - "node_modules/enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "optional": true, - "peer": true, - "dependencies": { - "ansi-colors": "^4.1.1" - }, - "engines": { - "node": ">=8.6" - } - }, "node_modules/ensure-posix-path": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ensure-posix-path/-/ensure-posix-path-1.1.1.tgz", @@ -10780,9 +10755,9 @@ } }, "node_modules/highlight.js": { - "version": "11.2.0", - "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.2.0.tgz", - "integrity": "sha512-JOySjtOEcyG8s4MLR2MNbLUyaXqUunmSnL2kdV/KuGJOmHZuAR5xC54Ko7goAXBWNhf09Vy3B+U7vR62UZ/0iw==", + "version": "11.4.0", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.4.0.tgz", + "integrity": "sha512-nawlpCBCSASs7EdvZOYOYVkJpGmAOKMYZgZtUqSRqodZE0GRVcFKwo1RcpeOemqh9hyttTdd5wDBwHkuSyUfnA==", "engines": { "node": ">=12.0.0" } @@ -18572,6 +18547,14 @@ "url": "https://github.com/sponsors/wooorm" } }, + "node_modules/rehype-highlight/node_modules/highlight.js": { + "version": "11.3.1", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.3.1.tgz", + "integrity": "sha512-PUhCRnPjLtiLHZAQ5A/Dt5F8cWZeMyj9KRsACsWT+OD6OP0x6dp5OmT5jdx0JgEyPxPZZIPQpRN2TciUT7occw==", + "engines": { + "node": ">=12.0.0" + } + }, "node_modules/rehype-highlight/node_modules/lowlight": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/lowlight/-/lowlight-2.4.0.tgz", @@ -26297,14 +26280,6 @@ "string-width": "^4.1.0" } }, - "ansi-colors": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-4.1.1.tgz", - "integrity": "sha512-JoX0apGbHaUJBNl6yF+p6JAFYZ666/hhCGKN5t9QFjbJQKUU/g8MNbFDbvfrgKXvI1QpZplPOnwIo99lX/AAmA==", - "dev": true, - "optional": true, - "peer": true - }, "ansi-escapes": { "version": "4.3.2", "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-4.3.2.tgz", @@ -29094,17 +29069,6 @@ "tapable": "^2.2.0" } }, - "enquirer": { - "version": "2.3.6", - "resolved": "https://registry.npmjs.org/enquirer/-/enquirer-2.3.6.tgz", - "integrity": "sha512-yjNnPr315/FjS4zIsUxYguYUPP2e1NK4d7E7ZOLiyYCcbFBiTMyID+2wvm2w6+pZ/odMA7cRkjhsPbltwBOrLg==", - "dev": true, - "optional": true, - "peer": true, - "requires": { - "ansi-colors": "^4.1.1" - } - }, "ensure-posix-path": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/ensure-posix-path/-/ensure-posix-path-1.1.1.tgz", @@ -31041,9 +31005,9 @@ "dev": true }, "highlight.js": { - "version": "11.2.0", - "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.2.0.tgz", - "integrity": "sha512-JOySjtOEcyG8s4MLR2MNbLUyaXqUunmSnL2kdV/KuGJOmHZuAR5xC54Ko7goAXBWNhf09Vy3B+U7vR62UZ/0iw==" + "version": "11.4.0", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.4.0.tgz", + "integrity": "sha512-nawlpCBCSASs7EdvZOYOYVkJpGmAOKMYZgZtUqSRqodZE0GRVcFKwo1RcpeOemqh9hyttTdd5wDBwHkuSyUfnA==" }, "highlightjs-curl": { "version": "1.3.0", @@ -36861,6 +36825,11 @@ "format": "^0.2.0" } }, + "highlight.js": { + "version": "11.3.1", + "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-11.3.1.tgz", + "integrity": "sha512-PUhCRnPjLtiLHZAQ5A/Dt5F8cWZeMyj9KRsACsWT+OD6OP0x6dp5OmT5jdx0JgEyPxPZZIPQpRN2TciUT7occw==" + }, "lowlight": { "version": "2.4.0", "resolved": "https://registry.npmjs.org/lowlight/-/lowlight-2.4.0.tgz", diff --git a/package.json b/package.json index feca57e858d2..e43a16a77f1a 100644 --- a/package.json +++ b/package.json @@ -40,7 +40,7 @@ "hast-util-to-string": "^2.0.0", "hastscript": "^7.0.2", "helmet": "^4.6.0", - "highlight.js": "11.2.0", + "highlight.js": "11.4.0", "highlightjs-curl": "^1.3.0", "highlightjs-graphql": "^1.0.2", "hot-shots": "^9.0.0",