Dependabot security updates now supports the Pub ecosystem, making it easier for you to fix vulnerable dependencies in your Dart or Flutter apps. With security updates enabled, Dependabot will automatically raise a pull request to update vulnerable Pub dependencies to the latest patched version.
Personalize your feed with activity filters, now available on GitHub Mobile!
Read more about GitHub Mobile and send us your feedback to help us improve.
GitHub's audit log allows organization and enterprise admins to quickly review the actions performed by members of their organization or enterprise. For Dependabot alerts, the audit log includes actions such as repository enablement, creation or reintroduction of alerts, dismissal of alerts, and resolving of alerts.
The audit log now supports the following improvements:
alert_number, ghsa_id, dismiss_reason, and dismiss_comment.This release is available for organization and enterprise admins (including GHES 3.7 and later).
For more information, view documentation on Dependabot alerts in the GitHub audit log.