使用 Dependabot
有关使用 Dependabot 的指导和建议,例如管理 Dependabot 引发的拉取请求、将 GitHub Actions 与 Dependabot 配合使用,以及排查 Dependabot 错误。
管理依赖项更新的所有拉取请求
您可以按和其他拉取请求大致相同的方式管理 Dependabot 提出的拉取请求,但也有一些额外的选项。
Automating Dependabot with GitHub Actions
Examples of how you can use GitHub Actions to automate common Dependabot related tasks.
Keeping your actions up to date with Dependabot
You can use Dependabot to keep the actions you use updated to the latest versions.
Managing encrypted secrets for Dependabot
You can store sensitive information, like passwords and access tokens, as encrypted secrets and then reference these in the Dependabot configuration file.
Troubleshooting the detection of vulnerable dependencies
If the dependency information reported by GitHub Enterprise Server is not what you expected, there are a number of points to consider, and various things you can check.
Troubleshooting Dependabot errors
Sometimes Dependabot is unable to raise a pull request to update your dependencies. You can review the error and unblock Dependabot.