Company
Date Published
Author
Jose Palafox, Brittany O'Shea
Word count
539
Language
English
Hacker News points
None

Summary

Earlier this month, GitHub introduced a new API (the dependency submission API) that lets users upload dependency information directly from build tools or container scanning services, so the dependency graph is no longer limited to static scans of checked-in manifest files. Each submission is a snapshot tied to a commit SHA and ref, which makes it possible to record dependencies that are only resolved at build time. Because vulnerability alerts are derived from the graph, a more complete graph yields more complete alerts. GitHub also announced new partner actions, such as Anchore's sbom-action and NowSecure's Mobile SBOM, which generate software bills of materials (SBOMs) and improve visibility into nested dependencies across ecosystems, including mobile and Scala projects. By populating the GitHub Dependency Graph with detailed SBOMs, these tools enable automated security analysis, vulnerability detection, and Dependabot alerts. Additionally, Aqua Trivy, a free cloud-native security scanner, can now populate the dependency graph with comprehensive data, further extending what is available to developers.
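To make the submission mechanism concrete, the following is an added example (not code from GitHub or from the post's authors) that builds a dependency-graph snapshot from a constructed list of resolved packages, checks it for the consistency problems that most often cause a rejected or useless submission, and prepares the HTTP request for the snapshots endpoint without sending it. The top-level snapshot fields, the `pkg:` package-url format, and the `POST /repos/{owner}/{repo}/dependency-graph/snapshots` endpoint follow GitHub's documented schema; the sample packages, the detector name and URL, and the `example-ci/build` correlator are assumptions made up for the example.

```python
"""Build, validate, and prepare a GitHub dependency-graph snapshot for submission.

Added example: the snapshot schema and endpoint follow GitHub's dependency
submission API docs; the sample packages and detector are constructed here.
"""
import json
import re
from datetime import datetime, timezone
from urllib.parse import quote

API_ENDPOINT = "https://api.github.com/repos/{owner}/{repo}/dependency-graph/snapshots"
SHA_RE = re.compile(r"^[0-9a-f]{40}$")

# Constructed sample input: what a build tool might resolve from a lockfile.
# "relationship" is direct/indirect from the project's point of view;
# "scope" is runtime/development; "dependencies" reference other keys below.
SAMPLE_PACKAGES = [
    {"ecosystem": "npm", "name": "@actions/core", "version": "1.10.0",
     "relationship": "direct", "scope": "runtime", "dependencies": ["uuid"]},
    {"ecosystem": "npm", "name": "uuid", "version": "8.3.2",
     "relationship": "indirect", "scope": "runtime", "dependencies": []},
    {"ecosystem": "npm", "name": "jest", "version": "29.0.0",
     "relationship": "direct", "scope": "development", "dependencies": []},
]


def make_purl(ecosystem: str, name: str, version: str) -> str:
    """Return a package-url (purl). Scoped names such as @actions/core split into
    namespace/name, and each segment is percent-encoded ("@" becomes "%40")."""
    if "/" in name:
        namespace, bare = name.rsplit("/", 1)
        path = f"{quote(namespace, safe='')}/{quote(bare, safe='')}"
    else:
        path = quote(name, safe="")
    return f"pkg:{ecosystem}/{path}@{quote(version, safe='')}"


def build_snapshot(packages, *, sha, ref, job_id, correlator, manifest_name,
                   source_location, scanned=None,
                   detector=("example-detector", "0.1.0", "https://example.invalid/detector")):
    """Assemble one snapshot with a single manifest. The detector tuple is an
    assumed name/version/url identifying the tool that produced the data."""
    resolved = {}
    for pkg in packages:
        resolved[pkg["name"]] = {
            "package_url": make_purl(pkg["ecosystem"], pkg["name"], pkg["version"]),
            "relationship": pkg["relationship"],
            "scope": pkg["scope"],
            "dependencies": list(pkg.get("dependencies", [])),
        }
    if scanned is None:
        scanned = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return {
        "version": 0,
        # job.correlator groups snapshots from the same job across runs so
        # later submissions replace, rather than accumulate beside, earlier ones.
        "job": {"id": str(job_id), "correlator": correlator},
        "sha": sha,
        "ref": ref,
        "detector": {"name": detector[0], "version": detector[1], "url": detector[2]},
        "scanned": scanned,
        "manifests": {
            manifest_name: {
                "name": manifest_name,
                "file": {"source_location": source_location},
                "resolved": resolved,
            }
        },
    }


def validate_snapshot(snapshot) -> list:
    """Return a list of problems; an empty list means the snapshot is consistent."""
    errors = []
    for key in ("version", "job", "sha", "ref", "detector", "scanned", "manifests"):
        if key not in snapshot:
            errors.append(f"missing top-level field: {key}")
    if not SHA_RE.match(str(snapshot.get("sha", ""))):
        errors.append("sha must be a 40-character lowercase hex commit id")
    if not str(snapshot.get("ref", "")).startswith("refs/"):
        errors.append("ref must be a full ref such as refs/heads/main")
    for mname, manifest in snapshot.get("manifests", {}).items():
        resolved = manifest.get("resolved", {})
        for dep, entry in resolved.items():
            if not str(entry.get("package_url", "")).startswith("pkg:"):
                errors.append(f"{mname}:{dep}: package_url is not a purl")
            if entry.get("relationship") not in ("direct", "indirect"):
                errors.append(f"{mname}:{dep}: relationship must be direct or indirect")
            if entry.get("scope") not in ("runtime", "development"):
                errors.append(f"{mname}:{dep}: scope must be runtime or development")
            # Edges must point at keys of the same manifest's resolved map;
            # dangling edges silently lose transitive coverage in the graph.
            for child in entry.get("dependencies", []):
                if child not in resolved:
                    errors.append(f"{mname}:{dep}: dependency {child!r} is not in resolved")
    return errors


def prepare_request(owner: str, repo: str, token: str, snapshot) -> tuple:
    """Return (url, headers, body) for the snapshots endpoint. Not sent here;
    in a workflow, GITHUB_TOKEN needs the contents: write permission."""
    url = API_ENDPOINT.format(owner=owner, repo=repo)
    headers = {
        "Accept": "application/vnd.github+json",
        "Authorization": f"Bearer {token}",
        "X-GitHub-Api-Version": "2022-11-28",
        "Content-Type": "application/json",
    }
    return url, headers, json.dumps(snapshot).encode()


if __name__ == "__main__":
    snap = build_snapshot(SAMPLE_PACKAGES, sha="a" * 40, ref="refs/heads/main",
                          job_id=1, correlator="example-ci/build",
                          manifest_name="package-lock.json",
                          source_location="package-lock.json")
    print(json.dumps(snap, indent=2))
    print("problems:", validate_snapshot(snap))
```

The validator catches the referential mistakes that leave the graph quietly incomplete (an edge to a package that was never listed) rather than only the ones the API rejects outright, which matters because Dependabot alerts can only cover what the snapshot actually contains.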