This version of GitHub Enterprise Server will be discontinued on 2025-03-05. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise Server. For help with the upgrade, contact GitHub Enterprise support.

Prioritizing Dependabot alerts with Dependabot auto-triage rules

You can use Dependabot auto-triage rules to prioritize Dependabot alerts.

About Dependabot auto-triage rules

Dependabot auto-triage rules are a powerful tool to help you better manage your security alerts at scale. GitHub presets are rules curated by GitHub that you can use to filter out a substantial amount of false positives. Custom auto-triage rules provide control over which alerts are ignored, snoozed, or trigger a Dependabot security update to resolve the alert.

Using GitHub preset rules to prioritize Dependabot alerts

You can use GitHub presets, which are rules curated by GitHub, to auto-dismiss low impact development alerts for npm dependencies.

Customizing auto-triage rules to prioritize Dependabot alerts

You can create your own auto-triage rules to control which alerts are dismissed or snoozed, and which alerts you want Dependabot to open pull requests for.

Managing alerts that have been automatically dismissed by a Dependabot auto-triage rule

You can filter to see which alerts have been auto-dismissed by a rule, and you can reopen dismissed alerts.