GitHub Community
Can the Dependabot REST API for security alerts return a link to the pull request opened by dependabot? #172989
Unanswered
zausnerd
asked this question in
API and Webhooks
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Select Topic Area
Question
Body
Currently, when a Dependabot security alert is created in a repository, the REST API response (reference) does not provide any information about whether a pull request has been opened to address the alert.
However, in the GitHub UI, when viewing a security alert, there is a linked pull request (viewable by clicking "Review security update")
Is there any way to directly map the Dependabot security alert to the pull request? If not, could a field be added?
This feature would benefit anyone building security dashboards, compliance tooling, or CI/CD integrations that need to know when a vulnerability has been automatically addressed by a Dependabot PR.
Beta Was this translation helpful? Give feedback.
All reactions