Dependency review helps reviewers and contributors understand dependency changes and their security impact at every pull request. It provides an easy to understand view of dependency changes with a rich diff on the Files Changed tab of a pull request. Dependency review informs you of which dependencies were added, removed, or updated, along with the release dates, how many projects use these components and vulnerability information for these dependencies.

Dependency review beta is now available for all public repositories and part of GitHub Advanced Security for private repositories.

Open Dependency Review For Package Manifest

Learn more about reviewing dependency changes in a pull request