Skip to content

Dependency review now supports filtering and commit diffs

Dependency review, in beta, helps you review dependency changes in your pull requests. But how do you find your package manifests amongst all the other files? Now you can filter the files in pull requests to see just the package manifests:

Screenshot of pull request manifest filter

What if you don’t have a pull request at all? Now you can review dependency changes between any two commits, such as:

  • During the creation of a pull request,
  • When comparing two branches, tags, or specific commits, and
  • When viewing the history of a package manifest.

GIF of dependency review on commit diff

Learn more about reviewing dependency changes in pull requests.

We now group multiple Dependabot alerts together if they're discovered at the same time. This significantly reduces the volume of Dependabot alert notifications that users receive.

A user with admin permissions to a repository or who has been granted access to a repository's Dependabot alerts will receive a notification regarding Dependabot alerts when:

  • Dependabot is first enabled on a repository.
  • Vulnerable dependencies are added to a repository.
  • A new vulnerability is discovered and added to GitHub's Advisory Database. This will send a notification including all repositories in an organization.

The new notification format is automatically enabled for repositories where you receive Dependabot alert notifications. These apply to email, web, and mobile notifications.

Learn more about configuring your Dependabot alert notifications

See more

A dimmed theme, with a more subdued UI with a little less contrast than our dark mode theme, is now available to all users as a public beta. This update also includes new appearance settings to give you more control over which theme displays during the day and night. Opt-in to the beta by enabling the theme in your Feature Preview settings, located in the profile menu dropdown. Once the Feature Preview has been enabled, navigate to the "Appearance" tab in your profile settings to choose your preferred theme setting.

Share feedback

Screenshot of GitHub dimmed theme

See more