Identifying vulnerabilities in your project's dependencies with Dependabot alerts
Dependabot generates Dependabot alerts when known vulnerabilities are detected in dependencies that your project uses.
Viewing and updating Dependabot alerts
If GitHub discovers insecure dependencies in your project, you can view details on the Dependabot alerts tab of your repository. Then, you can update your project to resolve or dismiss the alert.
Enabling delegated alert dismissal for Dependabot
Increase your governance over your Dependabot alerts with delegated alert dismissal.