About Dependabot 警报 for vulnerable dependencies
漏洞是项目代码中的问题,可能被利用来损害机密性、完整性或者该项目或其他使用其代码的项目的可用性。 漏洞的类型、严重性和攻击方法各不相同。
Dependabot scans code when a new advisory is added to the GitHub Advisory Database or the dependency graph for a repository changes. When vulnerable dependencies are detected, Dependabot 警报 are generated. For more information, see "About Dependabot 警报."
You can enable or disable Dependabot 警报 for:
- Your personal account
- Your repository
- Your organization
Managing Dependabot 警报 for your personal account
Dependabot 警报 for your repositories can be enabled or disabled by your enterprise owner. For more information, see "Enabling Dependabot for your enterprise."
Managing Dependabot 警报 for your repository
Dependabot 警报 for your repository can be enabled or disabled by your enterprise owner. For more information, see "Enabling Dependabot for your enterprise."
Managing Dependabot 警报 for your organization
Dependabot 警报 for your organization can be enabled or disabled by your enterprise owner. For more information, see "About Dependabot for GitHub Enterprise Server."