You can browse the GitHub Advisory Database to find advisories for security risks in open source projects that are hosted on GitHub.
您可以对 GitHub Advisory Database 中发布的任何公告提出改进建议。
GitHub sends Dependabot 警报 when we detect that your repository uses a vulnerable dependency.
Enable Dependabot 警报 to be generated when a new vulnerable dependency is found in one of your repositories.
If GitHub discovers insecure dependencies in your project, you can view details on the Dependabot alerts tab of your repository. Then, you can update your project to resolve or dismiss the alert.
优化接收 Dependabot 警报 相关通知的方式。