GitHub dependabot
Jump to navigation
Jump to search
↑ https://github.blog/2019-05-23-introducing-new-ways-to-keep-your-code-secure/
↑ https://github.blog/2020-09-30-code-scanning-is-now-available/
wikipedia:Dependabot (May 2019) automated dependency updates built into GitHub since May 2019.[1]
- Homepage: https://github.com/dependabot
- Configuration:
.github/dependabot.yml
- Options:
Contents
Changelog
Activities
- https://stackoverflow.com/questions/tagged/dependabot?tab=Votes
- Review Automerge: https://stackoverflow.com/questions/64116781/how-do-i-automerge-dependabot-updates-config-version-2
if: ${{ github.actor == 'dependabot[bot]' }}
Related
- Dependabot alerts
- GitHub security: GitHub code scanning (Sep 2020 [2])
- Semantic Versioning (semver)
- Amazon Inspector (Oct 2015)
npm audit
- GitHub Advanced Security include code scanning alerts
- Renovate bot
See also
- GitHub Dependabot, Dependabot alerts,
.github/dependabot.yml
- GitHub security, GitHub Advanced Security (GHAS), GitHub Security Advisory (GHSA), GitHub code scanning, GitHub dependabot, secret scanning, SECURITY.md
- Bot, Bad Bots, Renovate bot, Dependabot, Cloudflare Bot fight mode, ClaudeBot
Advertising: