From d4228b43909bf590b7af6de911e87df22103d0ac Mon Sep 17 00:00:00 2001
From: Jordan <36743739+DanGM96@users.noreply.github.com>
Date: Tue, 24 Feb 2026 13:46:50 -0300
Subject: [PATCH] Update dependabot.yml file naming information

Clarified that the dependabot configuration file can be named dependabot.yaml in addition to dependabot.yml.

References:
- https://github.com/dependabot/feedback/issues/874
- https://github.com/yaml/go-yaml/blob/main/.github/dependabot.yaml
---
 .../supply-chain-security/about-the-dependabot-yml-file.md      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/code-security/concepts/supply-chain-security/about-the-dependabot-yml-file.md b/content/code-security/concepts/supply-chain-security/about-the-dependabot-yml-file.md
index 95c7bf7fb99b..75386e3f00dd 100644
--- a/content/code-security/concepts/supply-chain-security/about-the-dependabot-yml-file.md
+++ b/content/code-security/concepts/supply-chain-security/about-the-dependabot-yml-file.md
@@ -46,7 +46,7 @@ The `dependabot.yml` file controls how {% data variables.product.prodname_depend
 
 ## Where to store the `dependabot.yml` file
 
-You must store this file in the `.github` directory of your repository in the default branch (typically `main`). The path is:  `.github/dependabot.yml`.
+You must store this file in the `.github` directory of your repository in the default branch (typically `main`). The path is:  `.github/dependabot.yml` (you can also use `.github/dependabot.yaml`).
 
 ## How the `dependabot.yml` file works