GitHub Community

Maintainer Month Update: Tackling Contribution Noise and Giving Maintainers More Control
Announcements moraesc
All GitHub Copilot plans are now on usage-based billing
Copilot News and Announcements GitHub Community Admin
Webinar Series: Usage-Based Billing with Confidence
Announcements GitHub Community Admin
👾 Microsoft Build 2026 Community Recap
Copilot News and Announcements ebndev

Discussions

You must be logged in to vote

683579
Accessibility Making GitHub useable for members of the disability community Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
hussaindilwar3757-png asked Jun 9, 2026 in Accessibility · Unanswered

2
You must be logged in to vote

Can't access Dependabot alerts API via GitHub Action default token
Bug GitHub or a GitHub feature is not working as intended Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date
laughedelic asked Jul 11, 2023 in Actions · Unanswered

4
You must be logged in to vote

Dependency Graph includes dependencies from arbitrary root-level .txt files
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
grayguava asked Jun 8, 2026 in Code Security · Unanswered

1
You must be logged in to vote

Native API deprecation tracking — beyond CVE-based Dependabot alerts
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
Priyanka17solanki asked Jun 8, 2026 in Code Security · Unanswered

1
You must be logged in to vote

Code Security
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
Join-hu asked May 30, 2026 in Code Security · Unanswered

5
You must be logged in to vote

Is it possible to comment on dependabot alerts?
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
carlgieringer asked Sep 11, 2022 in Code Security · Unanswered

9
You must be logged in to vote

Dependabot Continuously to Failed Create Update Pulls
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure source:ui Discussions created via Community GitHub templates
MoYuan-CN asked May 14, 2026 in Code Security · Unanswered

1
You must be logged in to vote

Dependabot keeps suggesting pre-commit additional_dependencies: need ignore list
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
icemac asked May 11, 2026 in Code Security · Unanswered

4
You must be logged in to vote

Is there an Enterprise level Dashboard for Dependabot, Code Scanning, and Secret Scanning?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations Question Ask and answer questions about GitHub features and usage Enterprise Admin Topics specifically related to GitHub Enterprise administration
NadiaThePuggle asked Jun 29, 2023 in Enterprise · Unanswered

2
You must be logged in to vote

Bot
Bug GitHub or a GitHub feature is not working as intended Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Welcome 🎉 Used to greet and highlight first-time discussion participants. Welcome to the community! source:ui Discussions created via Community GitHub templates
veriferjp-coder asked May 4, 2026 in Code Security · Unanswered

1
You must be logged in to vote

Does not seem possible to exclude Dependabot security updates for a path without scheduling updates for the package ecosystem
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements source:ui Discussions created via Community GitHub templates
SamStephens asked Apr 29, 2026 in Code Security · Unanswered

1
You must be logged in to vote

Dependabot check in github actions
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
roisec asked Mar 3, 2022 in Code Security · Unanswered

3
You must be logged in to vote

Locking Down GitHub Enterprise: A Security-First Approach That Actually Works
Repositories The core of version-controlled code storage Apps API and Webhooks Discussions related to GitHub's APIs or Webhooks Security and Privacy Protect your repositories and data with GitHub's security and privacy features Dependabot Automatically update dependencies to keep your project secure and up to date Security Overview Summary of your repository's security status including vulnerabilities and security advisories Code Security Build security into your GitHub workflow with features to keep your codebase secure Enterprise Discussions related to GitHub Enterprise Cloud, Enterprise Server and Organizations GHAS Discussions related to GitHub Advanced Security Best Practices Best practices, tips & tricks, and articles from GitHub and its users Show & Tell Discussions where community members share their projects, experiments, or accomplishments OAuth apps User-based integrations with coarse-grained permissions GitHub Well-Architected Our definitive reference for applying design thinking when deploying the GitHub platform.
jmassardo started Dec 17, 2025 in Discover: GitHub Best Practices

19
You must be logged in to vote

[Dependabot] Sudden change in access required for dependabot commands. Is this documented?
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage
melink14 asked Feb 20, 2023 in Code Security · Closed · Unanswered

19
You must be logged in to vote

Feature request: Add a public API to determine if a project enabled dependabot security updates
Apps API and Webhooks Discussions related to GitHub's APIs or Webhooks Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
pnacht asked Jun 7, 2023 in Apps, API and Webhooks · Unanswered

3
You must be logged in to vote

best go config
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Question Ask and answer questions about GitHub features and usage source:ui Discussions created via Community GitHub templates
Rajdeep-Nemo asked Apr 11, 2026 in Code Security · Closed · Answered

2
You must be logged in to vote

Expose dependabot_malware_alerts in the REST API (security_and_analysis)
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements source:ui Discussions created via Community GitHub templates
OriginalMHV asked Apr 9, 2026 in Code Security · Unanswered

1
You must be logged in to vote

[GA] Dependabot now supports pnpm workspace catalogs! 🎉
📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post
ghostinhershell asked Feb 5, 2025 in Code Security · Unanswered

3
You must be logged in to vote

Dependabot dependency scope yarn support
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
David-Hart-i2 asked Jul 11, 2022 in Code Security · Unanswered

3
You must be logged in to vote

More detail on blog post "Dependabot now supports OIDC authentication"
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post
matthew-ryan-sp asked Feb 5, 2026 in Code Security · Answered

4
You must be logged in to vote

Automatically Update Bun Dependencies with Dependabot
📣 ANNOUNCEMENT Announcements from the GitHub Community team Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Changelog A discussion post associated with a Changelog post
ghostinhershell asked Feb 25, 2025 in Code Security · Unanswered

2
You must be logged in to vote

Configuring Dependabot with Reusable Workflows
Actions Build, test, and automate your deployment pipeline with world-class CI/CD Dependabot Automatically update dependencies to keep your project secure and up to date Best Practices Best practices, tips & tricks, and articles from GitHub and its users
joshjohanning started Sep 18, 2024 in Discover: GitHub Best Practices

2
You must be logged in to vote

Securing your public GitHub Repos for Free!
Dependabot Automatically update dependencies to keep your project secure and up to date Code Scanning Code scanning: our code analysis features, powered by the CodeQL engine Secret Scanning Detect and prevent the exposure of sensitive information in your code Code Security Build security into your GitHub workflow with features to keep your codebase secure GHAS Discussions related to GitHub Advanced Security Best Practices Best practices, tips & tricks, and articles from GitHub and its users
potaders started Jul 11, 2024 in Discover: GitHub Best Practices

5
You must be logged in to vote

Let Dependabot respect commit hashes
Dependabot Automatically update dependencies to keep your project secure and up to date Product Feedback Share your thoughts and suggestions on GitHub features and improvements
guerda asked Aug 11, 2022 in Code Security · Unanswered

1
You must be logged in to vote

Limiting of Version Leaps
Dependabot Automatically update dependencies to keep your project secure and up to date Code Security Build security into your GitHub workflow with features to keep your codebase secure Product Feedback Share your thoughts and suggestions on GitHub features and improvements
lwbrown42 asked Mar 29, 2022 in Code Security · Unanswered

1