Self-serve enterprise accounts can now grant member organizations permission to create sponsorships. Sponsorships created by a member organization will charge the enterprise account's credit card on file.
Learn more about granting permissions.
You can now export data from the risk and coverage pages to a comma-separated values (CSV) file. This feature supports exporting repository-specific data based on applied filters.
Learn more about the risk and coverage pages and send us your feedback
Dependency review now works with your dependencies from the dependency submission API. Dependency review enforces policies around vulnerabilities and acceptable licenses in the pull request. Previously, dependency review could not be used with another feature of the dependency graph called the dependency submission API. The dependency submission API helps developers get a more accurate set of transitive dependencies, particularly for complex ecosystems like Gradle or Scala which require a build to resolve all transitive dependencies.
To take advantage of this improvement, update to the latest version of the dependency review action, or follow the instructions in our documentation.
For more information, see our documentation about dependency review, the dependency submission API, and some best practices for using dependency review and the dependency submission API together.