GitHub Community

GitHub Community Discussions Billing & Subscription Guide 💳
General shinybrightstar
GHAS Code Security Series - Part 1: Setting Up Organization-Wide Code Scanning
Discover vishaljsoni
🌌 GitHub Universe 2025 Community Release Recap
Announcements ebndev
🚢 Upcoming Webinar: Recapping Universe 2025 releases
Announcements queenofcorgis

Sort by: Latest activity

Discussions

You must be logged in to vote

Give your priv.
Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Thomasrichard1122 asked Jun 7, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Suspended apps shouldn't trigger notifications for permission updates
Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
jsoref asked Jun 6, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Automatically resolve alerts that don't matter
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 24, 2022 in Code Security · Answered

1
You must be logged in to vote

Dependabot identifying fork openjck/whitenoise, needs to be evansd/whitenoise
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
jwhitlock asked May 31, 2022 in Code Security · Unanswered

0
You must be logged in to vote

dependabot fails to adapt when package.json is removed from a project
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 31, 2022 in Code Security · Unanswered

0
You must be logged in to vote

bad translation for 'dependency graph' in portuguese
Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Barbiero asked May 15, 2022 in Code Security · Unanswered

1
You must be logged in to vote

Secret scanning patterns on Enterprise level
Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations Product Feedback Share your thoughts and suggestions on GitHub features and improvements
tenjaa asked May 13, 2022 in Enterprise · Answered

2
You must be logged in to vote

Feature Request: Dependabot should include links to the GitHub Advisory Database entry in Pull Requests
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
al-the-x asked May 10, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot should issue one PR per solution (NuGet)
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Plasma asked May 8, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot security not working for Spring Boot
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
davidvieiratrustly asked Apr 22, 2022 in Code Security · Answered

4
You must be logged in to vote

Fails to recognize when ALL third party dependencies have been removed
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 4, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot incorrectly identifies installed Drupal core
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
dschmidtadv asked Apr 29, 2022 in Code Security · Unanswered

1
You must be logged in to vote

There has no official share button in the GitHub repository.
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
arafat13495 asked Apr 28, 2022 in Code Security · Answered

1
You must be logged in to vote

security theater
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked Apr 26, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot and Forks?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
srl295 asked Apr 13, 2022 in Code Security · Unanswered

1
You must be logged in to vote

Add separate setting for source branch
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Andre601 asked Apr 25, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Bulk-check system (Allow to trigger checks for all repos on your account)
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Andre601 asked Apr 25, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Vulnerability reachable in the code
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
samigt asked Mar 3, 2022 in Code Security · Answered

4
You must be logged in to vote

Document the version field required in dependabot.yaml
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
wolf99 asked Apr 19, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Confusing security reports
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked Apr 19, 2022 in Code Security · Unanswered

0
You must be logged in to vote

I cannot make dependabot works on my repository
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
kamontat asked Apr 18, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Intelligent severity scoring
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
sandstrom asked Mar 10, 2022 in Code Security · Answered

2
You must be logged in to vote

Does Github plan on changing the license for dependabot?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
meeple142 asked Apr 15, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot contributions license is unclear
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
edulix asked Apr 14, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Wrong dependencies
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
AlexBlandin asked Apr 14, 2022 in Code Security · Unanswered

1