Skip to content

Dependabot: `gradle` Kotlin and `composer` v2 support

Dependabot version updates now support

  • Kotlin manifest files like .gradle.kts (gradle)
  • PHP using the latest composer v2 (composer)

These are possible thanks to community contributions to Dependabot. If you’d like to contribute an improvement to Dependabot’s support for an existing ecosystem, check out Dependabot’s contributing guidelines. At this time, we’re taking a short break from accepting new ecosystem additions in order to update support for existing ecosystems.

To enable version updates and add support for these package managers, check in a dependabot.yml file with the specified package-ecosystem.

Starting today, GitHub Code Search will only index repositories that have had recent activity within the last year. Recent activity for a repository means that it has had a commit or has shown up in a search result. If the repository does not have any activity for an entire year, the repository will be purged from the Code Search index. This change will enable the most relevant content for developers to surface in the code search index as well as keeping code search queries fast for all customers.

For questions, visit the GitHub community

See more

Pull request auto-merge is now rolling out as a public beta! With auto-merge, pull requests can be automatically merged when all requirements for merging are met. No more waiting for long checks to finish just so you can press the merge button!

To use auto-merge, a repository maintainer or admin must first toggle on the repository setting to allow auto-merge (see steps). Then any user with write permission can enable or disable auto-merge by navigating to the pull request page.

Note that auto-merge can only be enabled on pull requests that target a branch protected by required reviews or status checks.

Learn more about pull request auto-merge

See more