This repo contains some projects with outdated dependencies. Fork it to try out
Dependabot !
- In your fork, click the Settings tab
- In the left hand side navigation, click Code security and analysis
- Enable Dependabot security updates or Grouped security updates
- Dependabot will now start creating PRs for detected security vulnerabilities
- Go into the Security tab and click Dependabot in the left hand side navigation to see what Dependabot is working on
![screenshot showing Dependabot working on Security Updates](https://private-user-images.githubusercontent.com/886768/328919247-9295c61a-631b-4c56-9c00-ff078874f362.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIzNDIxNjEsIm5iZiI6MTcyMjM0MTg2MSwicGF0aCI6Ii84ODY3NjgvMzI4OTE5MjQ3LTkyOTVjNjFhLTYzMWItNGM1Ni05YzAwLWZmMDc4ODc0ZjM2Mi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzMwJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDczMFQxMjE3NDFaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT1mOWRhNmQ0NDliNjdmYjI3YzFiZWY0MTA2OThkM2EyNWU4OTU3YWM4MWRiZjMwYzgzMzhiYzk2NmU4YjNjZWJkJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.AkO339G1q0svoY8CJoylVH9o5p0vLRxAYs4NvA-XDV0)
After about 5 minutes you should see some PRs open. Merge them and the Securty Alerts will close ๐
This demo includes a dependabot.yml
which configures Version Updates, but forks don't automatically start with Dependabot enabled.
The enable Dependabot on your fork:
- Click the Insights tab
- In the left hand side navigation, click Dependency Graph
- Click on the Dependabot tab
- Click on the Enable Dependabot button
- After a moment, refresh the page and you should see Dependabot hard at work
![screenshot showing Dependabot working on Version Updates](https://private-user-images.githubusercontent.com/886768/328919645-4adf5727-255a-4ae1-97f7-70e94dc1134b.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIzNDIxNjEsIm5iZiI6MTcyMjM0MTg2MSwicGF0aCI6Ii84ODY3NjgvMzI4OTE5NjQ1LTRhZGY1NzI3LTI1NWEtNGFlMS05N2Y3LTcwZTk0ZGMxMTM0Yi5wbmc_WC1BbXotQWxnb3JpdGhtPUFXUzQtSE1BQy1TSEEyNTYmWC1BbXotQ3JlZGVudGlhbD1BS0lBVkNPRFlMU0E1M1BRSzRaQSUyRjIwMjQwNzMwJTJGdXMtZWFzdC0xJTJGczMlMkZhd3M0X3JlcXVlc3QmWC1BbXotRGF0ZT0yMDI0MDczMFQxMjE3NDFaJlgtQW16LUV4cGlyZXM9MzAwJlgtQW16LVNpZ25hdHVyZT05OTQyNTk3OWFhNGQzOThhZjBjYTI5YjNjNmU2YThiM2E2YWQ4OGY4YmI3NzA3OWE5NjI4NTA5MWMyYTJmYzExJlgtQW16LVNpZ25lZEhlYWRlcnM9aG9zdCZhY3Rvcl9pZD0wJmtleV9pZD0wJnJlcG9faWQ9MCJ9.MQu6toCu3TXkwnzRDenkvtSPvUnsfXJWILdpxoRPNsM)
After a few minutes, you should get some more PRs!