You can allow users to identify their projects' dependencies by enabling the dependency graph for GitHub Enterprise Server. For more information, see Enabling the dependency graph for your enterprise.
启用依赖项关系图后,用户将可以访问依赖项审查功能。 依赖项审查帮助您了解依赖项变化以及这些变化在每个拉取请求中的安全影响。 有关详细信息,请参阅“关于依赖项评审”。
You can also allow users to find and fix vulnerabilities in their code dependencies by enabling Dependabot alerts and Dependabot updates. For more information, see 为企业启用 Dependabot.
After you enable Dependabot alerts, you can view vulnerability data from the GitHub Advisory Database on GitHub Enterprise Server and manually sync the data. For more information, see 查看企业的漏洞数据.