Managing alerts for vulnerable dependencies in your organization
Organization owners and repository admins receive security alerts when we detect a vulnerable dependency in an organization repository. You can specify additional organization members or teams with write access to also receive security alerts for vulnerable dependencies.
- On GitHub, navigate to the main page of the repository.
- Under your repository name, click
- In the left sidebar, click Security alerts.
- Type the name of the person or team you'd like to receive security alerts when GitHub detects a vulnerable dependency, then click their username or team name to select it.
- After you've selected all of the people or teams you'd like to receive security alerts, click Save changes.