GitHub helps you secure your supply chain, from understanding the dependencies in your environment, to knowing about vulnerabilities in those dependencies, and patching them.| GitHub Docs
You manage pull requests raised by Dependabot in much the same way as other pull requests, but there are some extra options.| GitHub Docs
Sometimes Dependabot is unable to raise a pull request to update your dependencies. You can review the error and unblock Dependabot.| GitHub Docs
You can create your own auto-triage rules to control which alerts are dismissed or snoozed, and which alerts you want Dependabot to open pull requests for.| GitHub Docs
Find and fix vulnerable dependencies you rely on with Dependabot.| GitHub Docs
You can use Dependabot security updates or manual pull requests to easily update vulnerable dependencies.| GitHub Docs
If the dependency information reported by GitHub is not what you expected, there are a number of points to consider, and various things you can check.| GitHub Docs
Dependabot can fix vulnerable dependencies for you by raising pull requests with security updates.| GitHub Docs
Manage access to your code. Find and fix vulnerable code and dependencies automatically.| GitHub Docs
You can configure your repository so that Dependabot automatically updates the packages you use.| GitHub Docs