Exploring the dependencies of a repository

You can use the dependency graph to see the packages your project depends on. In addition, you can see any vulnerabilities detected in its dependencies.

Viewing the dependency graph

Your site administrator must enable Tu administrador de sitio debe habilitar las alertas de seguridad para las dependencias vulnerables de tu instancia de servidor de GitHub Enterprise para que puedas utilizar esta característica. Para obtener más información, consulta "Habilitar alertas de seguridad para dependencias vulnerables en el Servidor de GitHub Enterprise".

The dependency graph shows the dependencies of your repository. For information about the detection of dependencies and which ecosystems are supported, see "About the dependency graph."

  1. En GitHub Enterprise, visita la página principal del repositorio.
  2. Debajo de tu nombre de repositorio, da clic en Perspectivas. Pestaña de perspectivas en la barra de navegación del repositorio principal
  3. En la barra lateral izquierda, da clic en Gráfica de dependencias. Pestaña de gráfica de dependencias en la barra lateral izquierda

Dependencies view

Any direct and indirect dependencies that are specified in the repository's manifest or lock files are listed, grouped by ecosystem. If vulnerabilities have been detected in the repository, these are shown at the top of the view for users with access to Alertas del Dependabot de GitHub.

Dependencies graph

Note: Servidor de GitHub Enterprise does not populate the Dependents view.

Troubleshooting the dependency graph

If your dependency graph is empty, there may be a problem with the file containing your dependencies. Check the file to ensure that it's correctly formatted for the file type.

If a manifest or lock file is not processed, its dependencies are omitted from the dependency graph and they can't be checked for vulnerable dependencies.

Further reading

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

O, learn how to contribute.