Grouped Dependabot alert notifications

We now group multiple Dependabot alerts together if they're discovered at the same time. This significantly reduces the volume of Dependabot alert notifications that users receive.

A user with admin permissions to a repository or who has been granted access to a repository's Dependabot alerts will receive a notification regarding Dependabot alerts when:

Dependabot is first enabled on a repository.
Vulnerable dependencies are added to a repository.
A new vulnerability is discovered and added to GitHub's Advisory Database. This will send a notification including all repositories in an organization.

The new notification format is automatically enabled for repositories where you receive Dependabot alert notifications. These apply to email, web, and mobile notifications.

Learn more about configuring your Dependabot alert notifications

MAY.7Improvement
Repository rulesets: User bypass and branch renaming
- Platform Governance
APR.16Improvement
Rule insights dashboard and unified filter bar
- Platform Governance
APR.9Improvement
New Low Quality option in the Hide comment menu
- Platform Governance
FEB.17Improvement
Custom properties and rule insights improvements
- Platform Governance
SEP.10Improvement
GitHub ruleset exemptions and repository insights updates
- Platform Governance
SEP.1Improvement
GraphQL API resource limits
- Platform Governance
JUL.21Improvement
Including timeouts in primary rate limits
- Platform Governance
APR.22Improvement
Updates to security configuration settings for customers in existing grace periods
- Platform Governance
APR.9Improvement
Push rule delegated bypass and custom property regex support are generally available and repository policy delegated bypass is in preview
- Platform Governance

Grouped Dependabot alert notifications

Related Posts

Subscribe to our developer newsletter