Info messages for bypassing branch protections in Git

The dependency graph shows a summary of the manifest and lock files stored in a repository. The repository view has an updated user experience that includes:

• Search by package name from a paginated list of all dependencies
• Dependency licenses
• Dependabot alerts for dependencies, sorted by severity, and linking to the Dependabot alerts and the Dependabot updates pull request where applicable (only visible for users with priveleges to view the repository's Dependabot alerts)

Access a repository's dependency graph from Insights > Dependency graph.

• Learn more about the dependency graph

A software bill of materials (SBOM) is a standardized inventory of a software project's dependencies and associated metadata (versions, licenses, etc). You can now export your repository's dependency graph as an SBOM adhering to the SPDX 2.3 specification.

Click "Export SBOM" on a repository's dependency graph to generate an SBOM representing the head of the main branch. The resulting JSON file will download in your browser. Exporting an SBOM is free for all cloud repositories on GitHub, and can be performed by anyone with read access to a repository.

A supporting REST API to generate SBOMs for repositories will be available in the coming weeks.

• Learn more about the dependency graph
• Learn more about exporting a software bill of materials for your repository