Esta versión de GitHub Enterprise se discontinuará el 2021-09-23. No se realizarán lanzamientos de patch, ni siquiera para problemas de seguridad críticos. Para obtener un mejor desempeño, más seguridad y nuevas características, actualiza a la última versión de GitHub Enterprise. Para obtener ayuda con la actualización, contacta al soporte de GitHub Enterprise.

Configuring notifications for vulnerable dependencies

Optimize how you receive notifications about Dependabot de GitHub alerts.

About notifications for vulnerable dependencies

When Dependabot de GitHub detects vulnerable dependencies in your repositories, we generate a Dependabot de GitHub alert and display it on the Security tab for the repository. GitHub Enterprise notifies the maintainers of affected repositories about the new alert according to their notification preferences.

By default, if your site administrator has configured email for notifications on your enterprise, you will receive Alertas del Dependabot de GitHub by email.

Site administrators can also enable Alertas del Dependabot de GitHub without notifications. For more information, see "Enabling Alertas del Dependabot de GitHub for vulnerable dependencies on Servidor de GitHub Enterprise."

Configuring notifications for Alertas del Dependabot de GitHub

You can configure notification settings for yourself or your organization from the Manage notifications drop-down shown at the top of each page. For more information, see "Configuring notifications."

You can choose the delivery method for notifications about Alertas del Dependabot de GitHub on repositories that you are watching, as well as the frequency at which the notifications are sent to you.

By default, if your site administrator has configured email for notifications on your instance, you will receive Alertas del Dependabot de GitHub:

  • by email, an email is sent every time a vulnerability is found (Email each time a vulnerability is found option)
  • in the user interface, a warning is shown in your repository's file and code views if there are any vulnerable dependencies (UI alerts option)
  • on the command line, warnings are displayed as callbacks when you push to repositories with any vulnerable dependencies (Command Line option)
  • in your inbox, as web notifications (Web option)

You can customize the way you are notified about Alertas del Dependabot de GitHub. For example, you can receive a weekly digest email summarizing alerts for up to 10 of your repositories using the Email a digest summary of vulnerabilities and Weekly security email digest options.

Alertas del Dependabot de GitHub options

Note: You can filter your notifications on GitHub to show Dependabot de GitHub alerts. For more information, see "Managing notifications from your inbox."

Las notificaciones de correo electrónico para Alertas del Dependabot de GitHub que afecten a uno o más repositorios incluyen el campo de encabezado X-GitHub-Severity. Puedes utilizar el valor del campo de encabezado X-GitHub-Severity para filtrar las notificaciones de correo electrónico para Alertas del Dependabot de GitHub. For more information, see "Configuring notifications."

How to reduce the noise from notifications for vulnerable dependencies

If you are concerned about receiving too many notifications for Alertas del Dependabot de GitHub, we recommend you opt into the weekly email digest, or turn off notifications while keeping Alertas del Dependabot de GitHub enabled. You can still navigate to see your Alertas del Dependabot de GitHub in your repository's Security tab.

Further reading

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

O, learn how to contribute.