Discussions

• 2 You must be logged in to vote

  🤖

  Dependabot Now Supports Configuration of a Minimum Package Age 🤖

  Enhancement An idea, feature request, or improvement to a GitHub feature Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Discussions where community members share their projects, experiments, or accomplishments Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jul 8, 2025 in Code Security · Unanswered

  

  

  0
• 1 You must be logged in to vote

  🤖

  Dependabot: Single Pull Request for Multi-Ecosystem Support 🚀

  Enhancement An idea, feature request, or improvement to a GitHub feature Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Discussions where community members share their projects, experiments, or accomplishments Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jul 8, 2025 in Code Security · Unanswered

  

  

  0
• 2 You must be logged in to vote

  🤖

  Dependabot Metrics Page (Private Preview): Helping GHAS Code Security Users Prioritize Vulnerabilities

  🚀 Shipped A feature has been released 📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jun 24, 2025 in Code Security · Unanswered

  

  

  0
• 2 You must be logged in to vote

  🤖

  Dependabot Support for Gradle Lockfiles is Now Generally Available

  🚀 Shipped A feature has been released 📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jun 24, 2025 in Code Security · Unanswered

  

  

  2
• 3 You must be logged in to vote

  🤖

  ❕ Upcoming Change: Dependabot Compute Migration to GitHub Actions

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jun 23, 2025 in Code Security · Unanswered

  

  

  1
• 31 You must be logged in to vote

  🤖

  📣 Exciting news for GitHub Advanced Security!

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations GHAS Discussions related to GitHub Advanced Security Changelog A discussion post associated with a Changelog post

  tuves asked Mar 4, 2025 in Code Security · Unanswered

  

  

  

  

  37
• 4 You must be logged in to vote

  🤖

  Automatically Update Bun Dependencies with Dependabot

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Feb 25, 2025 in Code Security · Unanswered

  

  

  1
• 2 You must be logged in to vote

  🤖

  Automatically Update Docker Compose Dependencies with Dependabot ♻️

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Show & Tell Discussions where community members share their projects, experiments, or accomplishments Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Feb 25, 2025 in Code Security · Unanswered

  

  

  0
• 2 You must be logged in to vote

  🤖

  Introducing EPSS in Dependabot Alerts 🚀

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure

  ghostinhershell asked Feb 25, 2025 in Code Security · Unanswered

  

  

  1
• 4 You must be logged in to vote

  

  dependabot e-mails unreadable due to HTML escaping

  Bug GitHub or a GitHub feature is not working as intended Accessibility Making GitHub useable for members of the disability community Dependabot Automatically update dependencies to keep your project secure and up to date

  Malvineous asked Feb 24, 2025 in Accessibility · Unanswered

  

  

  

  

  6
• 6 You must be logged in to vote

  🤖

  [GA] Dependabot now supports pnpm workspace catalogs! 🎉

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Feb 5, 2025 in Code Security · Unanswered

  

  

  1
• 5 You must be logged in to vote

  🤖

  [Deprecation] Dependabot will no longer support npm v6

  📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post

  ghostinhershell asked Jan 23, 2025 in Code Security · Unanswered

  

  

  0
• 2 You must be logged in to vote

  🤖

  Add custom rules to dependabot

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  biohazd asked Apr 5, 2024 in Code Security · Closed · Unanswered

  

  

  1
• 4 You must be logged in to vote

  🤖

  What does Dependabot scan by default

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  biohazd asked Apr 5, 2024 in Code Security · Closed · Unanswered

  

  

  5
• 2 You must be logged in to vote

  🤖

  Dependabot alert keeps popping up even though the version used for the vulnerable action is higher than the fixed version

  Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure

  IceTDrinker asked Apr 2, 2024 in Code Security · Unanswered

  

  

  0
• 2 You must be logged in to vote

  🤖

  Dependabot Vulnerable call languages support

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  aviadchen asked Apr 2, 2024 in Code Security · Closed · Unanswered

  

  

  2
• 3 You must be logged in to vote

  🤖

  Dependabot Security Alerts should show the full path to the vulnerable dependency

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  viluon asked Mar 26, 2024 in Code Security · Unanswered

  

  

  0
• 1 You must be logged in to vote

  🤖

  Difference between "Dependabot Alerts" and "Repository Security Advisories"

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  pantelis-karamolegkos asked Mar 24, 2024 in Code Security · Closed · Unanswered

  

  

  1
• 6 You must be logged in to vote

  🤖

  No notifications for dependabot failures

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  pvanderlinden asked Mar 15, 2024 in Code Security · Closed · Unanswered

  

  

  1
• 1 You must be logged in to vote

  🤖

  minimal customisation of dependabot.yml

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  jonseymour asked Mar 7, 2024 in Code Security · Closed · Unanswered

  

  

  

  

  4
• 1 You must be logged in to vote

  🤖

  Dependabot security update can't connect to private registry magento repository

  Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure

  Flowster asked Feb 23, 2024 in Code Security · Unanswered

  

  

  1
• 12 You must be logged in to vote

  🤖

  The alert you requested has been withdrawn and is no longer available.

  Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage

  gsirris asked Feb 22, 2024 in Code Security · Closed · Unanswered

  

  

  

  

  4
• 1 You must be logged in to vote

  🚢

  Dependabot got added to some of my repositories automatically last week.

  Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.

  vinodkumarv13 asked Feb 16, 2024 in Actions · Closed · Unanswered

  

  

  1
• 2 You must be logged in to vote

  🗃️

  Dependabot errors when npmAlwaysAuth is true

  Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure npm Discussions around programming langages, open source and software development

  apgrucza asked Feb 13, 2024 in npm · Unanswered

  

  

  

  

  8
• 3 You must be logged in to vote

  ✔️

  Ability to Hide Dependabot Commits/Merges in Merge History

  Pull Requests Propose, review, and discuss changes to a repository's codebase Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements

  clement-godard asked Feb 5, 2024 in Pull Requests · Unanswered

  

  

  0