How to allow Dependabot access to private repos? Docs are incorrect #65501
Replies: 2 comments 3 replies
-
Hi I believe only organization owners will be able to view the Code security and analysis section. You can grant access by following the instructions in https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-security-and-analysis-settings-for-your-repository#granting-access-to-security-alerts If you're trying to grant Dependabot access to private repositories within your organization, you can alternatively configure a
|
Beta Was this translation helpful? Give feedback.
-
🕒 Discussion Activity Reminder 🕒 This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions: 1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as 2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own. 3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution. Note: This dormant notification will only apply to Discussions with the Thank you for helping bring this Discussion to a resolution! 💬 |
Beta Was this translation helpful? Give feedback.
-
Select Topic Area
Question
Body
I have recently added Dependabot to a Swift project, which pulls in several dependencies via SPM, by accessing the GitHub URLs directly for some external as well as some private internal repos. However, I've yet to get it to work due to the private repos it is attempting to access. In the Dependabot logs, I see that it first gets a 404 accessing the private repo with default auth, followed by a 401 when it tries again without auth.
Digging around the docs, I found that a setting for this is supposed to exist in an organizational setting under Code security and analysis section called "Grant Dependabot private repository access", which allows one to add the private repositories you want Dependabot to have access to. However, this setting does not exist in the two different organizations I've looked in (the one having the error, as well as a separate one I have access to), so I've been unable to resolve the issue.
Did the location of this setting move? I've dug around quite a bit in the org settings and have been unable to find it.
Beta Was this translation helpful? Give feedback.
All reactions