Prioritizing Dependabot alerts with Dependabot alert rules

You can use Dependabot alert rules to auto-triage Dependabot alerts.

Note: Dependabot alert rules are currently in beta and are subject to change.

About Dependabot alert rules

Auto-triage rules are a powerful tool to help you better manage your security alerts at scale. Dependabot's default rulesets are curated for you and filter out a substantial number of false positives. Custom auto-triage rules provide control over which alerts are ignored, snoozed, or trigger a Dependabot security update to resolve the alert.

Using GitHub-curated alert rules to prioritize Dependabot alerts

You can use a GitHub-curated alert rule to auto-dismiss low-impact development alerts for npm dependencies.

Customizing alert rules to prioritize Dependabot alerts

You can create your own user-defined rules to auto-triage alerts.

Managing alerts that have been automatically dismissed by an alert rule

You can filter to see which alerts have been auto-dismissed by an alert rule, and you can reopen dismissed alerts.