Dependabot Security Updates (Server Beta) #86

Closed
github-product-roadmap opened this issue Jul 24, 2020 · 1 comment
Labels
beta Feature phase: Beta dependabot Feature: GitHub Dependabot github enterprise Product SKU: GitHub Enterprise server Available on Server shipped Shipped

Comments

@github-product-roadmap
Collaborator

Summary
Dependabot Security Updates keep projects secure by opening pull requests that update dependencies to a non-vulnerable version.
This extends Dependabot Security Updates to GitHub Enterprise Server (GHES).

Intended Outcome
Update dependencies which have known vulnerabilities. This helps keep a project secure.

How will it work?
Today, Dependabot Security Updates automatically create a pull request in your repository to upgrade a vulnerable dependency to the minimum possible secure version needed to avoid the vulnerability. This is an automated action corresponding to Security Alerts in your repository, for repositories where Dependency Graph is enabled.

@github github locked and limited conversation to collaborators Jul 24, 2020
@github-product-roadmap github-product-roadmap added this to Q1 2021 – Jan-Mar in GitHub public roadmap Jul 24, 2020
@github-product-roadmap github-product-roadmap added beta Feature phase: Beta github enterprise Product SKU: GitHub Enterprise security & compliance Feature area: Code security and compliance server Available on Server labels Jul 24, 2020
@github-product-roadmap github-product-roadmap changed the title Dependabot Security Updates (server) Dependabot Security Updates (Server Beta) Sep 9, 2020
@Sid-ah Sid-ah removed the changed label Jan 13, 2021
@github-product-roadmap github-product-roadmap moved this from Q1 2021 – Jan-Mar to Q3 2021 – Jul-Sep in GitHub public roadmap Jan 13, 2021
@github-product-roadmap github-product-roadmap moved this from Q3 2021 – Jul-Sep to Q4 2021 – Oct-Dec in GitHub public roadmap May 12, 2021
@Sid-ah Sid-ah removed the tpm staffed label Jun 9, 2021
@Sid-ah Sid-ah added the dependabot Feature: GitHub Dependabot label Sep 27, 2021
@Sid-ah Sid-ah added the shipped Shipped label Dec 8, 2021
@Sid-ah
Contributor

Sid-ah commented Dec 8, 2021

@Sid-ah Sid-ah closed this as completed Dec 8, 2021
@github-product-roadmap github-product-roadmap removed the security & compliance Feature area: Code security and compliance label Jan 25, 2023
Projects
Archived in project
GitHub public roadmap
Q4 2021 – Oct-Dec