You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/code-security/dependabot/working-with-dependabot/managing-pull-requests-for-dependency-updates.md
+23-19Lines changed: 23 additions & 19 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -57,18 +57,20 @@ By default, {% data variables.product.prodname_dependabot %} will stop rebasing
57
57
58
58
You can use any of the following commands on a {% data variables.product.prodname_dependabot %} pull request.
59
59
60
-
*`@dependabot cancel merge` cancels a previously requested merge.
61
-
*`@dependabot close` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from recreating that pull request. You can achieve the same result by closing the pull request manually.
62
-
*`@dependabot ignore this dependency` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this dependency (unless you reopen the pull request or upgrade to the suggested version of the dependency yourself).
63
-
*`@dependabot ignore this major version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this major version (unless you reopen the pull request or upgrade to this major version yourself).
64
-
*`@dependabot ignore this minor version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this minor version (unless you reopen the pull request or upgrade to this minor version yourself).
65
-
*`@dependabot ignore this patch version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this patch version (unless you reopen the pull request or upgrade to this patch version yourself).
66
-
*`@dependabot merge` merges the pull request once your CI tests have passed.
67
-
*`@dependabot rebase` rebases the pull request.
68
-
*`@dependabot recreate` recreates the pull request, overwriting any edits that have been made to the pull request.
69
-
*`@dependabot reopen` reopens the pull request if the pull request is closed.
70
-
*`@dependabot show DEPENDENCY_NAME ignore conditions` retrieves information on the ignore conditions for the specified dependency, and comments on the pull request with a table that displays all ignore conditions for the dependency. For example, `@dependabot show express ignore conditions` would find all `ignore` conditions stored for the Express dependency, and comment on the pull request with that information.
71
-
*`@dependabot squash and merge` squashes and merges the pull request once your CI tests have passed.
60
+
| Command | Description |
61
+
| --- | --- |
62
+
|`@dependabot cancel merge`| Cancels a previously requested merge. |
63
+
|`@dependabot close`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from recreating that pull request. You can achieve the same result by closing the pull request manually. |
64
+
|`@dependabot ignore this dependency`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this dependency (unless you reopen the pull request or upgrade to the suggested version yourself). |
65
+
|`@dependabot ignore this major version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this major version (unless you reopen the pull request or upgrade to this major version yourself). |
66
+
|`@dependabot ignore this minor version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this minor version (unless you reopen the pull request or upgrade to this minor version yourself). |
67
+
|`@dependabot ignore this patch version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from creating any more pull requests for this patch version (unless you reopen the pull request or upgrade to this patch version yourself). |
68
+
|`@dependabot merge`| Merges the pull request once your CI tests have passed. |
69
+
|`@dependabot rebase`| Rebases the pull request. |
70
+
|`@dependabot recreate`| Recreates the pull request, overwriting any edits that have been made to the pull request. |
71
+
|`@dependabot reopen`| Reopens the pull request if the pull request is closed. |
72
+
|`@dependabot show DEPENDENCY_NAME ignore conditions`| Retrieves information on the ignore conditions for the specified dependency, and comments on the pull request with a table that displays all ignore conditions for the dependency. For example, `@dependabot show express ignore conditions` would find all `ignore` conditions stored for the Express dependency, and comment on the pull request with that information. |
73
+
|`@dependabot squash and merge`| Squashes and merges the pull request once your CI tests have passed. |
72
74
73
75
{% data variables.product.prodname_dependabot %} will react with a "thumbs up" emoji to acknowledge the command, and may respond with a comment on the pull request. While {% data variables.product.prodname_dependabot %} usually responds quickly, some commands may take several minutes to complete if {% data variables.product.prodname_dependabot %} is busy processing other updates or commands.
74
76
@@ -80,13 +82,15 @@ For more information, see [AUTOTITLE](/code-security/dependabot/working-with-dep
80
82
81
83
In {% data variables.product.prodname_dependabot %} pull requests for grouped version updates and security updates, you can use comment commands to ignore and un-ignore updates for specific dependencies and versions. You can use any of the following commands to manage ignore conditions for grouped updates.
82
84
83
-
*`@dependabot ignore DEPENDENCY_NAME` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency.
84
-
*`@dependabot ignore DEPENDENCY_NAME major version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's major version.
85
-
*`@dependabot ignore DEPENDENCY_NAME minor version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's minor version.
86
-
*`@dependabot ignore DEPENDENCY_NAME patch version` closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's patch version.
87
-
*`@dependabot unignore *` closes the current pull request, clears all `ignore` conditions stored for all dependencies in the group, then opens a new pull request.
88
-
*`@dependabot unignore DEPENDENCY_NAME` closes the current pull request, clears all `ignore` conditions stored for the dependency, then opens a new pull request that includes available updates for the specified dependency. For example, `@dependabot unignore lodash` would open a new pull request that includes updates for the Lodash dependency.
89
-
*`@dependabot unignore DEPENDENCY_NAME IGNORE_CONDITION` closes the current pull request, clears the stored `ignore` condition, then opens a new pull request that includes available updates for the specified ignore condition. For example, `@dependabot unignore express [< 1.9, > 1.8.0]` would open a new pull request that includes updates for Express between versions 1.8.0 and 1.9.0.
85
+
| Command | Description |
86
+
| --- | --- |
87
+
|`@dependabot ignore DEPENDENCY_NAME`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency. |
88
+
|`@dependabot ignore DEPENDENCY_NAME major version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's major version. |
89
+
|`@dependabot ignore DEPENDENCY_NAME minor version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's minor version. |
90
+
|`@dependabot ignore DEPENDENCY_NAME patch version`| Closes the pull request and prevents {% data variables.product.prodname_dependabot %} from updating this dependency's patch version. |
91
+
|`@dependabot unignore *`| Closes the current pull request, clears all `ignore` conditions stored for all dependencies in the group, then opens a new pull request. |
92
+
|`@dependabot unignore DEPENDENCY_NAME`| Closes the current pull request, clears all `ignore` conditions stored for the dependency, then opens a new pull request that includes available updates for the specified dependency. For example, `@dependabot unignore lodash` would open a new pull request that includes updates for the Lodash dependency. |
93
+
|`@dependabot unignore DEPENDENCY_NAME IGNORE_CONDITION`| Closes the current pull request, clears the stored `ignore` condition, then opens a new pull request that includes available updates for the specified ignore condition. For example, `@dependabot unignore express [< 1.9, > 1.8.0]` would open a new pull request that includes updates for Express between versions 1.8.0 and 1.9.0. |
90
94
91
95
> [!TIP]
92
96
> When you want to un-ignore a specific ignore condition, use the `@dependabot show DEPENDENCY_NAME ignore conditions` command to quickly check what ignore conditions a dependency currently has.
0 commit comments