GitHub Community

GitHub Copilot is moving to usage-based billing
Copilot News and Announcements GitHub Community Admin
Make Your Dev Workflows Leaner: Optimize CI Minutes, Caching & Codespaces Efficiency 🚀
Codespaces shinybrightstar
🛠️ Show & Tell: What Custom Copilot Skills Have You Built? Share Your SKILL.md Files!
Copilot Conversations shinybrightstar
🌱 Maintainer Month is here (kickoff May 5th 📆)
Announcements samus-aran

Discussions

You must be logged in to vote

Depedabot failing to map npm package.json depenedncy tree after upgrading to lockfile version 3
Packages Host your dependencies, libraries, and production-ready code, right from your repository Dependabot Automatically update dependencies to keep your project secure and up to date New To GitHub 👋 New To GitHub
Senderek asked Feb 27, 2023 in New to GitHub · Unanswered

2
You must be logged in to vote

Dependabot.yml security updates for GitHub Actions
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
gabibguti asked Jan 24, 2023 in Code Security · Closed · Unanswered

1
You must be logged in to vote

Github App permissions to merge dependabot pull request
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
Khaaz asked Jan 16, 2023 in Actions · Closed · Unanswered

3
You must be logged in to vote

"Dependabot updates are paused" because "you haven't used Dependabot in a while"
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure
alexpdp7 asked Apr 1, 2023 in Code Security · Unanswered

8
You must be logged in to vote

Dependabot creates PRs for non-security updates
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
bisgardo asked Jul 5, 2023 in Code Security · Answered

2
You must be logged in to vote

Manually trigger a dependabot scan on my repo
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage inactive This discussion has been automatically marked as inactive. This was formerly labeled stale.
pantelis-karamolegkos asked Jul 27, 2023 in Code Security · Closed · Unanswered

2
You must be logged in to vote

Automatically resolve alerts that don't matter
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 24, 2022 in Code Security · Answered

1
You must be logged in to vote

dependabot fails to adapt when package.json is removed from a project
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 31, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependency graph with npm-shrinkwrap?
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
johnnaegle asked Aug 12, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot should not do major updates by default
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
MattIPv4 asked Jan 22, 2022 in Code Security · Answered

4
You must be logged in to vote

Meaning of Dependency Graph Dependabot tab "Enable Dependabot" button... Dependabot already enabled, why the button?
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
AshleyT3 asked Oct 14, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot identifying fork openjck/whitenoise, needs to be evansd/whitenoise
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
jwhitlock asked May 31, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Will dependabot still scan archived repo?
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Dingjie-Daniel-Yang asked Jan 14, 2022 in Apps, API and Webhooks · Answered

2
You must be logged in to vote

Opt-in to allow writable tokens on Dependabot workflows
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
asciimike asked Jun 1, 2021 in Actions · Answered

2
You must be logged in to vote

Can Repo "Last Update" sort have a filter option so that it doesn't show updates when made by dependabot?
Enhancement An idea, feature request, or improvement to a GitHub feature Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
Netchicken asked Jul 27, 2022 in Code Security · Unanswered

3
You must be logged in to vote

Dependabot running when not enabled
Dependabot Automatically update dependencies to keep your project secure and up to date
rcowsill asked Dec 24, 2020 in New to GitHub · Answered

5
You must be logged in to vote

GH Actions not triggering for Dependabot PRs
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
gerryfletch asked Oct 16, 2020 in Actions · Answered

1
You must be logged in to vote

Per-dependency reviewers and labels
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
dipth asked Feb 10, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Feature request: Ability to turn dependabot on/off per language
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
caleb15 asked Feb 8, 2022 in Code Security · Unanswered

4
You must be logged in to vote

Use code backticks in PR titles
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
jglick asked Mar 18, 2022 in Code Security · Unanswered

0
You must be logged in to vote

GraphQL query - Filter on severity for dependabot alerts
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
gj-kristian asked Mar 16, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Enterprise: Dependabot/Advanced Security with API/Policy in Organisation
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations Product Feedback Share your thoughts and suggestions on GitHub features and improvements Enterprise Admin Topics specifically related to GitHub Enterprise administration
Timmmy-nlb asked Nov 9, 2021 in Enterprise · Unanswered

0
You must be logged in to vote

Dependabot contributions license is unclear
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
edulix asked Apr 14, 2022 in Code Security · Unanswered

0
You must be logged in to vote

Dependabot security not working for Spring Boot
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
davidvieiratrustly asked Apr 22, 2022 in Code Security · Answered

4
You must be logged in to vote

security theater
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked Apr 26, 2022 in Code Security · Unanswered

0