You signed in with another tab or window.Reload to refresh your session.You signed out in another tab or window.Reload to refresh your session.You switched accounts on another tab or window.Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.Learn more about bidirectional Unicode characters
Defines a **cooldown period** for dependency updates to delay updates for a configurable number of days. This feature enablesdependabot users to customize how often they receive new version updates, offering greater control over update frequency.
Defines a **cooldown period** for dependency updates to delay updates for a configurable number of days. This feature enables{% data variables.product.prodname_dependabot %} users to customize how often they receive new version updates, offering greater control over update frequency.
> [!NOTE]
> Cooldown is not applicable for security updates.
>
> Cooldown is not available for the **NuGet** ecosystem
### **How Cooldown Works**
* WhenDependabot runs updates as per defined schedule, it checks the **cooldown settings** to determine if new release for dependency is still within its cooldown period.
* When{% data variables.product.prodname_dependabot %} runs updates as per defined schedule, it checks the **cooldown settings** to determine if new release for dependency is still within its cooldown period.
* If new version release date is within the cooldown period, dependency version update is **filtered out** and will not be updated until the cooldown period expires.
* Once the cooldown period ends for new version, the dependency update proceeds based on the standard update strategy defined in `dependabot.yml`.
Without **`cooldown`** (default behaviour): {% data variables.product.prodname_dependabot %}
Without **`cooldown`** (default behaviour):
* Dependabot checks for updates according to the scheduled defined via `schedule.interval`.
* All new versions are considered for updates **immediately**.
With **`cooldown`** enabled:
*Dependabot checks for updates based on the defined `schedule.interval` settings.
*{% data variables.product.prodname_dependabot %} checks for updates based on the defined `schedule.interval` settings.
* **Releases within the cooldown period are ignored.**
*Dependabot updates the dependency to the latest available version **that are no longer in cooldown period** following the configured `versioning-strategy`.
*{% data variables.product.prodname_dependabot %} updates the dependency to the latest available version **that are no longer in cooldown period** following the configured `versioning-strategy`.
### **Cooldown Configuration**
Expand DownExpand Up
@@ -814,7 +816,7 @@
>
> * If `semver-major-days`, `semver-minor-days`, or `semver-patch-days` are not defined, `default-days` settings take precedence for cooldown based updates.
> * `semver-major-days`, `semver-minor-days`, and `semver-patch-days` are only applicable for [supported package managers](#semver-versioning).
> * The `exclude` list always take precedence over the `include` list. If a dependency is specified in both lists, it is excluded from cooldown and will be updated immediately.
Check warning on line 819 in content/code-security/dependabot/working-with-dependabot/dependabot-options-reference.md
View workflow job for this annotation
GitHub Actions/ lint-content
Note and warning tags should be formatted according to style guide
Do not include more than 2 bullet points inside a callout.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.