Skip to main content

This version of GitHub Enterprise will be discontinued on 2022-09-28. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

About supply chain security for your enterprise

You can enable features that help your developers understand and update the dependencies their code relies on.

You can allow users to identify their projects' dependencies by enabling the dependency graph for your GitHub Enterprise Server instance. For more information, see "Enabling the dependency graph for your enterprise."

You can also allow users on your GitHub Enterprise Server instance to find and fix vulnerabilities in their code dependencies by enabling Dependabot alerts. For more information, see "Enabling Dependabot for your enterprise."

After you enable Dependabot alerts, you can view vulnerability data from the GitHub Advisory Database on your GitHub Enterprise Server instance and manually sync the data. For more information, see "Viewing the vulnerability data for your enterprise."