About notifications for Dependabot 警报
When Dependabot detects vulnerable dependencies in your repositories, we generate a Dependabot alert and display it on the Security tab for the repository. GitHub Enterprise Server � �据通知首选项将新警报通知受影响仓库的维护员。
默认情况下,如果您的企业所有者已配置电子邮件以获取有关企业的通知,您将收到 Dependabot 警报 电子邮件。
企业所有者也可以在没有通知的情况下启用 Dependabot 警报。 更多信息请参阅“为企业启用 Dependabot”。
配置 Dependabot 警报 的通知
您可以从每个页面顶部显示的管理通知下拉菜单 为您自己或您的组织配置通知设置。 更多信息请参阅“配置通知”。
您可以选择通知的� 递方式,以及向您发送通知的频率。
By default, if your site administrator has configured email for notifications on your instance, you will receive Dependabot 警报:
- by email, an email is sent every time a vulnerability with a critical or high severity is found (Email each time a vulnerability is found option)
- in the user interface, a warning is shown in your repository's file and code views if there are any insecure dependencies (UI alerts option)
- on the command line, warnings are displayed as callbacks when you push to repositories with any insecure dependencies (Command Line option)
- in your inbox, as web notifications for new vulnerabilities with a critical or high severity (Web option)
You can customize the way you are notified about Dependabot 警报. For example, you can receive a weekly digest email summarizing alerts for up to 10 of your repositories using the Email a digest summary of vulnerabilities and Weekly security email digest options.
注意:您可以在 GitHub 上过滤通知以显示 Dependabot 警报。 更多信息请参阅“从收件箱管理通知”。
影响一个或多个存储库的 Dependabot 警报 的电子邮件通知包括 X-GitHub-Severity
� �头字段。 可以使用 X-GitHub-Severity
� �头字段的值来筛选电子邮件通知中的 Dependabot 警报。 更多信息请参阅“配置通知”。
How to reduce the noise from notifications for Dependabot 警报
如果您想要收到太多 Dependabot 警报 的通知,我们建议您选择� 入每周的电子邮件摘要,或者在保持 Dependabot 警报 启用时关闭通知。 您仍可导航到仓库的 Security(安全性)选项卡查看 Dependabot 警报。 For more information, see "Viewing and updatng Dependabot 警报."