Dependabot Security Updates (Server Beta) #86

Closed
github-product-roadmap opened this issue Jul 24, 2020 · 1 comment
Labels: dependabot (Feature: GitHub Dependabot), Enterprise (Product SKU: GitHub Enterprise), preview (Feature phase: Preview), server (Available on Server), shipped (Shipped)

Comments

@github-product-roadmap
Collaborator

Summary
Dependabot Security Updates keep projects secure by opening pull requests that update dependencies to a non-vulnerable version.
This extends Dependabot Security Updates to GitHub Enterprise Server (GHES).

Intended Outcome
Update dependencies which have known vulnerabilities. This helps keep a project secure.

How will it work?
Today, Dependabot Security Updates automatically create a pull request in your repository to upgrade a vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. This is an automated action corresponding to Security Alerts in your repository, for repositories where Dependency Graph is enabled.
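
An added illustration of the "minimum possible secure version" rule described above; it is not part of the original issue and is not Dependabot's own code. The function names, advisory ranges and version list are constructed for the example, and versions are assumed to be plain dotted numbers.

```python
from typing import Optional

def parse(version: str) -> tuple:
    """Turn '1.4.3' into (1, 4, 3), padded to three parts (assumes numeric versions)."""
    parts = tuple(int(p) for p in version.split("."))
    return parts + (0,) * (3 - len(parts))

def is_vulnerable(version: str, ranges) -> bool:
    """ranges: (introduced, fixed) pairs; 'fixed' is exclusive, None means no fix released."""
    v = parse(version)
    return any(
        v >= parse(introduced) and (fixed is None or v < parse(fixed))
        for introduced, fixed in ranges
    )

def minimum_secure_version(current: str, available, ranges) -> Optional[str]:
    """Lowest release above 'current' outside every vulnerable range, or None."""
    if not is_vulnerable(current, ranges):
        return current  # nothing to update
    safe = [
        v for v in available
        if parse(v) > parse(current) and not is_vulnerable(v, ranges)
    ]
    return min(safe, key=parse) if safe else None

# Constructed advisory: one flaw, patched separately on the 1.x and 2.x lines.
ADVISORY = [("1.0.0", "1.4.3"), ("2.0.0", "2.1.1")]
# Constructed list of published releases.
RELEASES = ["1.2.0", "1.4.2", "1.4.3", "1.5.0", "2.0.0", "2.1.0", "2.1.1"]

if __name__ == "__main__":
    for installed in ("1.4.0", "2.0.0", "1.5.0"):
        target = minimum_secure_version(installed, RELEASES, ADVISORY)
        print(f"{installed} -> {target}")
```

A return value of `None` covers an advisory with no patched release yet, where no update pull request could satisfy the rule.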

@github github locked and limited conversation to collaborators Jul 24, 2020
@github-product-roadmap github-product-roadmap added preview Feature phase: Preview Enterprise Product SKU: GitHub Enterprise security & compliance server Available on Server labels Jul 24, 2020
@github-product-roadmap github-product-roadmap changed the title Dependabot Security Updates (server) Dependabot Security Updates (Server Beta) Sep 9, 2020
@Sid-ah Sid-ah removed the changed label Jan 13, 2021
@Sid-ah Sid-ah removed the tpm staffed label Jun 9, 2021
@Sid-ah Sid-ah added the dependabot Feature: GitHub Dependabot label Sep 27, 2021
@Sid-ah Sid-ah moved this to Q4 2021 – Oct-Dec in GitHub Public Roadmap Oct 8, 2021
@Sid-ah Sid-ah added the shipped Shipped label Dec 8, 2021
@Sid-ah
Contributor

Sid-ah commented Dec 8, 2021
