Skip to main content

此版本的 GitHub Enterprise 已停止服务 2022-06-03. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

Configuring Dependabot alerts

Enable Dependabot 警报 to be generated when a new vulnerable dependency is found in one of your repositories.

About Dependabot 警报 for vulnerable dependencies

漏洞是项目代码中的问题,可能被利用来损害机密性、完整性或者该项目或其他使用其代码的项目的可用性。 漏洞的类型、严重性和攻击方法各不相同。

Dependabot scans code when a new advisory is added to the GitHub Advisory Database or the dependency graph for a repository changes. When vulnerable dependencies are detected, Dependabot 警报 are generated. For more information, see "About Dependabot 警报."

You can enable or disable Dependabot 警报 for:

  • Your personal account
  • Your repository
  • Your organization

Managing Dependabot 警报 for your personal account

Dependabot 警报 for your repositories can be enabled or disabled by your enterprise owner. For more information, see "Enabling Dependabot for your enterprise."

Managing Dependabot 警报 for your repository

Dependabot 警报 for your repository can be enabled or disabled by your enterprise owner. For more information, see "Enabling Dependabot for your enterprise."

Managing Dependabot 警报 for your organization

Dependabot 警报 for your organization can be enabled or disabled by your enterprise owner. For more information, see "About Dependabot for GitHub Enterprise Server."