Dependabot Configuration & Management

Overview

Dependabot is GitHub's built-in dependency management tool with three core capabilities:

- Dependabot Alerts — Notify when dependencies have known vulnerabilities (CVEs)
- Dependabot Security Updates — Auto-create PRs to fix vulnerable dependencies
- Dependabot Version Updates — Auto-create PRs to keep dependencies current

All configuration lives in a single file: .github/dependabot.yml on the default branch. GitHub does not support multiple dependabot.yml files per repository.

Configuration Workflow

Follow this process when creating or optimizing a dependabot.yml:

Step 1: Detect All Ecosystems

Scan the repository for dependency manifests. Look for:
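One way to carry out Step 1 and turn the result into a starting .github/dependabot.yml, as an added example that is not part of the original page. The manifest table is a subset chosen for this example (the `package-ecosystem` values are Dependabot's own); the function names, the skip list, the weekly interval and the sample repository are assumptions constructed for the example.

```python
import os
import tempfile
from pathlib import Path

# Manifest file name -> Dependabot package-ecosystem value (subset picked for this example).
MANIFESTS = {
    "package.json": "npm", "requirements.txt": "pip", "pyproject.toml": "pip",
    "go.mod": "gomod", "Cargo.toml": "cargo", "Gemfile": "bundler",
    "pom.xml": "maven", "build.gradle": "gradle", "Dockerfile": "docker",
}
SKIP_DIRS = {".git", "node_modules", "vendor", ".venv"}  # vendored or generated trees

def detect_ecosystems(repo_root):
    """Return sorted (ecosystem, directory) pairs; directory is relative to the repo root."""
    root, found = Path(repo_root), set()
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]  # prune in place
        rel = Path(dirpath).relative_to(root).as_posix()
        directory = "/" if rel == "." else "/" + rel
        for name in filenames:
            if name in MANIFESTS:
                found.add((MANIFESTS[name], directory))
            # Workflow files belong to github-actions, configured with directory "/".
            if rel == ".github/workflows" and name.endswith((".yml", ".yaml")):
                found.add(("github-actions", "/"))
    return sorted(found)

def render_config(pairs, interval="weekly"):
    """Render a minimal version 2 dependabot.yml with one update entry per pair."""
    lines = ["version: 2", "updates:"]
    for ecosystem, directory in pairs:
        lines += [f'  - package-ecosystem: "{ecosystem}"',
                  f'    directory: "{directory}"',
                  "    schedule:",
                  f'      interval: "{interval}"']
    return "\n".join(lines) + "\n"

def demo():
    """Build a constructed sample repository in a temp dir and return its config."""
    files = ["package.json", "services/api/go.mod", "services/api/Dockerfile",
             ".github/workflows/ci.yml", "node_modules/left-pad/package.json"]
    with tempfile.TemporaryDirectory() as tmp:
        for f in files:
            Path(tmp, f).parent.mkdir(parents=True, exist_ok=True)
            Path(tmp, f).write_text("")
        return render_config(detect_ecosystems(tmp))

if __name__ == "__main__":
    print(demo())
```

Because the repository has only one dependabot.yml, every detected directory becomes an entry in the same `updates` list; manifests under `node_modules` are pruned so installed packages are not mistaken for projects to track.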