This version of GitHub Enterprise will be discontinued on 2022-02-16. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Exploring the dependencies of a repository

You can use the dependency graph to see the packages your project depends on. In addition, you can see any vulnerabilities detected in its dependencies.

Viewing the dependency graph

The dependency graph shows the dependencies of your repository. For information about the detection of dependencies and which ecosystems are supported, see "About the dependency graph."

  1. On your GitHub Enterprise Server instance, navigate to the main page of the repository.
  2. Under your repository name, click Insights. Insights tab in the main repository navigation bar
  3. In the left sidebar, click Dependency graph. Dependency graph tab in the left sidebar

Enterprise owners can configure the dependency graph at an enterprise level. For more information, see "Enabling the dependency graph and Dependabot alerts on your enterprise account."

Dependencies view

Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to Dependabot alerts.

Dependencies graph

Note: GitHub Enterprise Server does not populate the Dependents view.

Troubleshooting the dependency graph

If your dependency graph is empty, there may be a problem with the file containing your dependencies. Check the file to ensure that it's correctly formatted for the file type.

If a manifest or lock file is not processed, its dependencies are omitted from the dependency graph and they can't be checked for vulnerable dependencies.

Further reading

Did this doc help you?

Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.