title: Managing Dependabot malware alerts
intro: Find and triage malicious dependencies in your project with {% data variables.product.prodname_dependabot_malware_alerts %}.
shortTitle: Manage malware alerts
permissions: '{% data reusables.gated-features.dependabot-malware-alerts %}'
versions:
  feature: dependabot-malware-alerts
contentType: how-tos
category:
  - Secure your dependencies

Viewing {% data variables.product.prodname_dependabot_malware_alerts_short %} for your repository

{% data reusables.repositories.navigate-to-repo %} {% data reusables.repositories.sidebar-security %} {% data reusables.dependabot.view-malware-alerts %} {% data reusables.dependabot.filter-alerts-step %}

Viewing {% data variables.product.prodname_dependabot_malware_alerts_short %} for your organization

{% data reusables.profile.access_org %}

  1. Click the name of the organization you want to view. {% data reusables.organizations.security-overview %} {% data reusables.dependabot.view-malware-alerts %} {% data reusables.dependabot.filter-alerts-step %}

Viewing {% data variables.product.prodname_dependabot_malware_alerts_short %} for your enterprise

{% data reusables.enterprise-accounts.access-enterprise %}

  1. At the top of the page, click the {% data variables.product.prodname_security_and_quality_tab %} tab. {% data reusables.dependabot.view-malware-alerts %} {% data reusables.dependabot.filter-alerts-step %}

Dismissing {% data variables.product.prodname_dependabot_malware_alerts_short %}

  1. Navigate to the {% data variables.product.prodname_dependabot_malware_alerts %} view for your repository, organization, or enterprise.
  2. Click the name of the {% data variables.product.prodname_dependabot_malware_alert_short %} you want to dismiss.
  3. In the top-right corner, click Dismiss alert {% octicon "triangle-down" aria-hidden="true" aria-label="triangle-down" %}, then select a reason for dismissing the alert.
  4. Optionally, write a dismissal comment. The dismissal comment will be added to the alert timeline and can be used as justification during auditing and reporting.
  5. Click Dismiss alert.

Reopening a dismissed {% data variables.product.prodname_dependabot_malware_alert_short %}

  1. Navigate to the {% data variables.product.prodname_dependabot_malware_alerts %} view for your repository, organization, or enterprise.

  2. To view closed alerts, click {% octicon "shield-check" aria-hidden="true" aria-label="shield-check" %} NUMBER Closed.

    Screenshot showing the list of {% data variables.product.prodname_dependabot_alerts %} with the "Closed" tab highlighted with a dark orange outline.

  3. Click the alert that you would like to view or update.

  4. In the top-right corner, click Reopen.

Next steps

To help reduce false positives for internal packages and low-risk alerts, you can configure {% data variables.dependabot.auto_triage_rules %} to automatically dismiss alerts that meet certain criteria. See AUTOTITLE.