Managing alerts for vulnerable dependencies in your organization

Organization owners and repository admins receive security alerts when we detect a vulnerable dependency in an organization repository. You can specify additional organization members or teams with write access to also receive security alerts for vulnerable dependencies.

  1. On GitHub, navigate to the main page of the repository.

  2. Under your repository name, click Settings.

    Repository settings button

  3. In the left sidebar, click Security alerts.

    Security alerts tab in the settings sidebar

  4. Type the name of the person or team you'd like to receive security alerts when GitHub detects a vulnerable dependency, then click their username or team name to select it.

  5. After you've selected all of the people or teams you'd like to receive security alerts, click Save changes.

Further reading

Ask a human

Can't find what you're looking for?

Contact us