Keep your dependencies on GitHub up to date without the automatic creation of the Pull Requests to update the dependency and checking for the known vulnerabilities. https://github.blog/2020-06-01-keep-all-your-packages-up-to-date-with-dependabot/
Free • Proprietary
Software as a Service (SaaS)
What is Dependabot?
Keeping your dependencies updated is one of the easiest ways to keep the software you build secure. However, while it’s critically important to keep your dependencies updated, in a recent survey, 52% of developers said they find it painful1. Dependabot alleviates that pain by updating your dependencies automatically, so you can spend less time updating dependencies and more time building. Up until now, the Dependabot features we’ve brought to GitHub have focused on automated security updates, which update packages that have known vulnerabilities.