diff --git a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md index bf333cd4da53..92e780da1f3c 100644 --- a/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md +++ b/content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md @@ -750,27 +750,29 @@ The `url` parameter defines where to access a registry. When the optional `repla ## `cooldown` {% octicon "versions" aria-label="cooldown" height="24" %} -Defines a **cooldown period** for dependency updates to delay updates for a configurable number of days. This feature enables dependabot users to customize how often they receive new version updates, offering greater control over update frequency. +Defines a **cooldown period** for dependency updates to delay updates for a configurable number of days. This feature enables {% data variables.product.prodname_dependabot %} users to customize how often they receive new version updates, offering greater control over update frequency. > [!NOTE] > Cooldown is not applicable for security updates. +> +> Cooldown is not available for the **NuGet** ecosystem ### **How Cooldown Works** -* When Dependabot runs updates as per defined schedule, it checks the **cooldown settings** to determine if new release for dependency is still within its cooldown period. +* When {% data variables.product.prodname_dependabot %} runs updates as per defined schedule, it checks the **cooldown settings** to determine if new release for dependency is still within its cooldown period. * If new version release date is within the cooldown period, dependency version update is **filtered out** and will not be updated until the cooldown period expires. * Once the cooldown period ends for new version, the dependency update proceeds based on the standard update strategy defined in `dependabot.yml`. -Without **`cooldown`** (default behaviour): {% data variables.product.prodname_dependabot %} +Without **`cooldown`** (default behaviour): * Dependabot checks for updates according to the scheduled defined via `schedule.interval`. * All new versions are considered for updates **immediately**. With **`cooldown`** enabled: -* Dependabot checks for updates based on the defined `schedule.interval` settings. +* {% data variables.product.prodname_dependabot %} checks for updates based on the defined `schedule.interval` settings. * **Releases within the cooldown period are ignored.** -* Dependabot updates the dependency to the latest available version **that are no longer in cooldown period** following the configured `versioning-strategy`. +* {% data variables.product.prodname_dependabot %} updates the dependency to the latest available version **that are no longer in cooldown period** following the configured `versioning-strategy`. ### **Cooldown Configuration** @@ -824,7 +826,6 @@ With **`cooldown`** enabled: ### **Example `dependabot.yml` with cooldown** ```yaml copy - version: 2 updates: - package-ecosystem: "pip" diff --git a/package-lock.json b/package-lock.json index a08541746172..cef54b5d904f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -34,7 +34,7 @@ "cuss": "2.2.0", "dayjs": "^1.11.13", "dereference-json-schema": "^0.2.1", - "dotenv": "^16.4.7", + "dotenv": "^17.0.1", "escape-string-regexp": "5.0.0", "express": "^5.1.0", "fastest-levenshtein": "1.0.16", @@ -7299,10 +7299,9 @@ } }, "node_modules/dotenv": { - "version": "16.5.0", - "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.5.0.tgz", - "integrity": "sha512-m/C+AwOAr9/W1UOIZUo232ejMNnJAJtYQjUbHoNTBNTJSvqzzDh7vnrei3o3r3m9blf6ZoDkvcw0VmozNRFJxg==", - "license": "BSD-2-Clause", + "version": "17.0.1", + "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.0.1.tgz", + "integrity": "sha512-GLjkduuAL7IMJg/ZnOPm9AnWKJ82mSE2tzXLaJ/6hD6DhwGfZaXG77oB8qbReyiczNxnbxQKyh0OE5mXq0bAHA==", "engines": { "node": ">=12" }, diff --git a/package.json b/package.json index 205d36922a11..b3bb666d69a4 100644 --- a/package.json +++ b/package.json @@ -270,7 +270,7 @@ "cuss": "2.2.0", "dayjs": "^1.11.13", "dereference-json-schema": "^0.2.1", - "dotenv": "^16.4.7", + "dotenv": "^17.0.1", "escape-string-regexp": "5.0.0", "express": "^5.1.0", "fastest-levenshtein": "1.0.16", diff --git a/src/ai-editors/scripts/ai-edit.ts b/src/ai-editors/scripts/ai-edit.ts index ca3633acec4a..7af63bcc35df 100644 --- a/src/ai-editors/scripts/ai-edit.ts +++ b/src/ai-editors/scripts/ai-edit.ts @@ -8,7 +8,7 @@ import path from 'path' import ora from 'ora' import { callModelsApi } from '@/ai-editors/lib/call-models-api' import dotenv from 'dotenv' -dotenv.config() +dotenv.config({ quiet: true }) const __dirname = path.dirname(fileURLToPath(import.meta.url)) const promptDir = path.join(__dirname, '../prompts') diff --git a/src/fixtures/tests/playwright-rendering.spec.ts b/src/fixtures/tests/playwright-rendering.spec.ts index a190562b72ee..6f879ad0c1be 100644 --- a/src/fixtures/tests/playwright-rendering.spec.ts +++ b/src/fixtures/tests/playwright-rendering.spec.ts @@ -9,7 +9,7 @@ import { turnOffExperimentsInPage } from '../helpers/turn-off-experiments' // The `src/frame/start-server.ts` script uses dotenv too, but since Playwright // tests only interface with the server via HTTP, we too need to find // this out. -dotenv.config() +dotenv.config({ quiet: true }) const SEARCH_TESTS = !!process.env.ELASTICSEARCH_URL diff --git a/src/languages/lib/languages.js b/src/languages/lib/languages.js index 49de9ffb8171..fda143c60151 100644 --- a/src/languages/lib/languages.js +++ b/src/languages/lib/languages.js @@ -8,7 +8,7 @@ import dotenv from 'dotenv' import { ROOT, TRANSLATIONS_ROOT, TRANSLATIONS_FIXTURE_ROOT } from '#src/frame/lib/constants.js' -dotenv.config() +dotenv.config({ quiet: true }) const possibleEnvVars = { 'es-es': process.env.TRANSLATIONS_ROOT_ES_ES, diff --git a/src/workflows/github.ts b/src/workflows/github.ts index d8ff50f233c9..b089e44c2811 100644 --- a/src/workflows/github.ts +++ b/src/workflows/github.ts @@ -3,7 +3,7 @@ import { Octokit } from '@octokit/rest' import { retry } from '@octokit/plugin-retry' if (!process.env.GITHUB_TOKEN) { - dotenv.config() + dotenv.config({ quiet: true }) } const RetryingOctokit = Octokit.plugin(retry)