GitHub Community

Accessibility Developer Guide: Getting Started with GitHub Copilot Custom Agents for Accessibility
Accessibility mlama007
Understanding Data Replication in High Availability Configurations for GitHub Enterprise Server
Discover: GitHub Best Practices regmontanhani
GitHub Community Discussions: Category Restructure Complete 🎉
Announcements samus-aran
[GHAS CodeQL Series] - Part 2: Implementing Alert-Mode Repository Rulesets
Discover: GitHub Best Practices vishaljsoni

Discussions

You must be logged in to vote

dependabot support for reusable workflows
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
brianmay asked Nov 24, 2021 in Code Security · Answered

8
You must be logged in to vote

🆕 Dependency Review Action (Beta) Feedback - [Update: Released]
📣 ANNOUNCEMENT Announcements from the GitHub Community team Beta A feature that is in preview per: https://github.com/orgs/community/discussions/141918 Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
courtneycl asked Apr 6, 2022 in Code Security · Closed · Answered

19
You must be logged in to vote

Dependabot alerts should support conventional major version tags with GitHub Actions
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure
bigdaz asked May 5, 2023 in Code Security · Answered

1
You must be logged in to vote

Dependency graph support for Gradle
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
vaibhawk-kr asked Feb 7, 2022 in Code Security · Answered

12
You must be logged in to vote

Respect granularity of SemVer tag previously used
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
bewuethr asked Mar 2, 2022 in Code Security · Answered

1
You must be logged in to vote

Dependabot cannot update this dependency (Private Registry)
Dependabot Automatically update dependencies to keep your project secure and up to date
zachwright asked Jun 16, 2020 in New to GitHub · Answered

13
You must be logged in to vote

Configure Dependabot to only create PRs for minor or patch updates
Dependabot Automatically update dependencies to keep your project secure and up to date
tflight asked Jun 11, 2020 in New to GitHub · Answered

4
You must be logged in to vote

Make dependabot less noizy
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
abitrolly asked Oct 7, 2021 in Code Security · Answered

1
You must be logged in to vote

Disable dependabot?
Dependabot Automatically update dependencies to keep your project secure and up to date
AstroSquared asked Nov 15, 2020 in New to GitHub · Answered

9
You must be logged in to vote

Do gradle dependencies submitted via dependency submission API receive Dependabot security alerts?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
tiurin asked Jan 27, 2023 in Code Security · Answered

3
You must be logged in to vote

How to turn off dependabot PRs but still get alerts?
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
nello asked Jul 11, 2022 in Code Security · Answered

9
You must be logged in to vote

Re-run dependabot workflows as another actor
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
gesellix asked Jul 28, 2022 in Actions · Answered

7
You must be logged in to vote

Why does GitHub not recognize my dependabot.yml file?
Dependabot Automatically update dependencies to keep your project secure and up to date New To GitHub 👋 New To GitHub
Andre601 asked Aug 3, 2022 in New to GitHub · Answered

15
You must be logged in to vote

Security overview - Security Managers
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Security Manager Manage and oversee your repository's security settings and alerts Product Feedback Share your thoughts and suggestions on GitHub features and improvements
samigt asked Mar 18, 2022 in Code Security · Answered

7
You must be logged in to vote

Actions not running in merge queue when enqueued by github-actions bot
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Question Ask and answer questions about GitHub features and usage
achilleas-k asked Oct 17, 2023 in Actions · Closed · Answered

3
You must be logged in to vote

What is external code execution in the insecure-external-code-execution option on Dependabot?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
yykamei asked Jun 21, 2023 in Code Security · Closed · Answered

8
You must be logged in to vote

GitHub-native Dependabot can't merge to protect branch
Dependabot Automatically update dependencies to keep your project secure and up to date
ZebraFlesh asked Aug 23, 2020 in New to GitHub · Answered

7
You must be logged in to vote

Issue with CODEOWNERS and Dependabot assignment of pull requests
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
tcelestino asked May 24, 2023 in Code Security · Answered

4
You must be logged in to vote

Dependabot daily job fail - "Update check cancelled' error
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations
DanyC97 asked Jun 23, 2023 in Enterprise · Closed · Answered

9
You must be logged in to vote

Dependabot should not do major updates by default
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
MattIPv4 asked Jan 22, 2022 in Code Security · Answered

4
You must be logged in to vote

dependabot: gradle audit
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked Apr 2, 2022 in Code Security · Answered

2
You must be logged in to vote

Dependabot security not working for Spring Boot
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
davidvieiratrustly asked Apr 22, 2022 in Code Security · Answered

4
You must be logged in to vote

Automatically resolve alerts that don't matter
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
mcandre asked May 24, 2022 in Code Security · Answered

1
You must be logged in to vote

Dependabot running when not enabled
Dependabot Automatically update dependencies to keep your project secure and up to date
rcowsill asked Dec 24, 2020 in New to GitHub · Answered

5
You must be logged in to vote

Opt-in to allow writable tokens on Dependabot workflows
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
asciimike asked Jun 1, 2021 in Actions · Answered

2