dependabot-gitlab

Appearance

Security updates

Application supports syncing with GitHub Advisory Database for security vulnerability data retrieval when performing dependency updates.

This feature requires for github access token to be configured.

It is possible to disable security update merge requests via security-updates configuration option.

Vulnerability alerts

When dependabot-gitlab detects security vulnerability in a dependency but is unable to update it, it will create security vulnerability issue instead.

It is possible to configure assignee for vulnerability issue via vulnerability-alert configuration option.