Skip to main content

About supply chain security for your enterprise

You can enable features that help your developers understand and update the dependencies their code relies on.

You can allow users to identify their projects' dependencies by enabling the dependency graph for GitHub Enterprise Serverインスタンス. For more information, see "Enabling the dependency graph for your enterprise."

You can also allow users on GitHub Enterprise Serverインスタンス to find and fix vulnerabilities in their code dependencies by enabling Dependabotアラート and Dependabot updates. 詳しい情報については「EnterpriseでのDependabotの有効化」を参照してください。

After you enable Dependabotアラート, you can view vulnerability data from the GitHub Advisory Database on GitHub Enterprise Serverインスタンス and manually sync the data. For more information, see "Viewing the vulnerability data for your enterprise."