Trabalhando com Dependabot

Orientação e recomendações para trabalhar com Dependabot, como gerenciar pull requests levantados por Dependabot, usando GitHub Actions com Dependabot e solucionando erros de Dependabot.

Gerenciar pull requests para atualizações de dependências
Você gerencia pull requests criadas por Dependabot da mesma forma que outras pull requests, mas existem algumas opções extras.
Automating Dependabot with GitHub Actions
Examples of how you can use GitHub Actions to automate common Dependabot related tasks.
Keeping your actions up to date with Dependabot
You can use Dependabot to keep the actions you use updated to the latest versions.
Managing encrypted secrets for Dependabot
You can store sensitive information, like passwords and access tokens, as encrypted secrets and then reference these in the Dependabot configuration file.
Troubleshooting the detection of vulnerable dependencies
If the dependency information reported by GitHub Enterprise Server is not what you expected, there are a number of points to consider, and various things you can check.
Troubleshooting Dependabot errors
Sometimes Dependabot is unable to raise a pull request to update your dependencies. You can review the error and unblock Dependabot.

Trabalhando com Dependabot

Gerenciar pull requests para atualizações de dependências

Automating Dependabot with GitHub Actions

Keeping your actions up to date with Dependabot

Managing encrypted secrets for Dependabot

Troubleshooting the detection of vulnerable dependencies

Troubleshooting Dependabot errors