Note: Dependabot auto-triage rules are currently in beta and are subject to change.
Prioritizing Dependabot alerts with Dependabot auto-triage rules
You can use Dependabot auto-triage rules to prioritize Dependabot alerts.
About Dependabot auto-triage rules
Dependabot auto-triage rules are a powerful tool to help you better manage your security alerts at scale. Dependabot's default rules are curated for you and filter out a substantial amount of false positives. Custom auto-triage rules provide control over which alerts are ignored, snoozed, or trigger a Dependabot security update to resolve the alert.
Using GitHub-curated default rules to prioritize Dependabot alerts
You can use a GitHub-curated default rule to auto-dismiss low impact development alerts for npm dependencies.
Customizing auto-triage rules to prioritize Dependabot alerts
You can create your own auto-triage rules to control which alerts are dismissed or snoozed, and which alerts you want Dependabot to open pull requests for.
Managing alerts that have been automatically dismissed by a Dependabot auto-triage rule
You can filter to see which alerts have been auto-dismissed by a rule, and you can reopen dismissed alerts.