From 3de65d4140e6610aa0ec7052dd0dcb5e580e12b7 Mon Sep 17 00:00:00 2001 From: Daniel Brown Date: Mon, 6 Apr 2026 22:27:32 +0200 Subject: [PATCH 1/2] fix dependabot python package manager versions --- .../supply-chain-security/dependabot-options-reference.md | 6 +++--- data/reusables/dependabot/supported-package-managers.md | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/content/code-security/reference/supply-chain-security/dependabot-options-reference.md b/content/code-security/reference/supply-chain-security/dependabot-options-reference.md index 2a32f681669b..f298930b69f2 100644 --- a/content/code-security/reference/supply-chain-security/dependabot-options-reference.md +++ b/content/code-security/reference/supply-chain-security/dependabot-options-reference.md @@ -542,11 +542,11 @@ Package manager | YAML value | Supported versions | | {% ifversion dependabot-opentofu-support %} | | OpenTofu | `opentofu` | Not applicable | | {% endif %} | -| pip| `pip` | v24.2 | +| pip | `pip` | 24.2 | | pip-compile | `pip` | 7.4.1 | -| pipenv | `pip` | <= 2024.4.1 | +| pipenv | `pip` | 2024.4.1 | | pnpm | `npm` | v7, v8
v9, v10 (version updates only) | -| poetry | `pip` | v2 | +| poetry | `pip` | 2.2.1 | | {% ifversion dependabot-pre-commit-support %} | | pre-commit | `pre-commit` | Not applicable | | {% endif %} | diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index d8901934605f..82261bdfd1a1 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md @@ -38,11 +38,11 @@ npm | `npm` | v7, v8, v9, v10, v11 | {% octicon "check" | {% ifversion dependabot-opentofu-support %} | [OpenTofu](#opentofu) | `opentofu` | Not applicable | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | Not applicable | | {% endif %} | -[pip](#pip-and-pip-compile) | `pip` | v21.1.2 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | -pipenv | `pip` | <= 2021-05-29 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +[pip](#pip-and-pip-compile) | `pip` | 24.2 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +pipenv | `pip` | <= 2024.4.1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | [pip-compile](#pip-and-pip-compile) | `pip` | 6.1.0 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | | {% ifversion dependabot-updates-pnpmv9-support %}pnpm{% else %}[pnpm](#pnpm){% endif %} | `npm` | v7, v8, v9, v10 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} {% ifversion dependabot-updates-pnpmv9-support %}{% else %}(v7 and v8 only){% endif %}| {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | -poetry | `pip` | v1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +poetry | `pip` | 2.2.1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | | {% ifversion dependabot-pre-commit-support %} | [pre-commit](#pre-commit) | `pre-commit` | Not applicable | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | | {% endif %} | From 0e5c1d79b50f719d091be57af97a8f7258f3f2ef Mon Sep 17 00:00:00 2001 From: Sharra-writes Date: Thu, 9 Apr 2026 15:02:26 -0700 Subject: [PATCH 2/2] Apply suggestion from @kbukum1 Co-authored-by: kbukum1 --- data/reusables/dependabot/supported-package-managers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index 82261bdfd1a1..64c18817ba47 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md @@ -40,7 +40,7 @@ npm | `npm` | v7, v8, v9, v10, v11 | {% octicon "check" | {% endif %} | [pip](#pip-and-pip-compile) | `pip` | 24.2 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | pipenv | `pip` | <= 2024.4.1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | -[pip-compile](#pip-and-pip-compile) | `pip` | 6.1.0 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | +[pip-compile](#pip-and-pip-compile) | `pip` | 7.5.3 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | | {% ifversion dependabot-updates-pnpmv9-support %}pnpm{% else %}[pnpm](#pnpm){% endif %} | `npm` | v7, v8, v9, v10 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} {% ifversion dependabot-updates-pnpmv9-support %}{% else %}(v7 and v8 only){% endif %}| {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | poetry | `pip` | 2.2.1 | {% octicon "check" aria-label="Supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | {% octicon "check" aria-label="Supported" %} | {% octicon "x" aria-label="Not supported" %} | | {% ifversion dependabot-pre-commit-support %} |