
Improving the developer experience for Dependabot alerts

Blog post from GitHub

Post Details
Company:
Date Published:
Author: Erin Havens
Word Count: 505
Language: English
Hacker News Points: -
Summary

GitHub is enhancing its Dependabot alerts to provide a more developer-friendly experience by making them more descriptive and easier to manage. Since its launch four years ago, Dependabot has alerted users to over 425 million potential vulnerabilities in open source dependencies. The updated alerts now deliver more detailed information, including alert titles, severity scoring, and linked pull requests, with each alert uniquely identified for improved tracking. Users can utilize new filtering options and manually create security update pull requests if automatic updates are not enabled. The alerts persist even after being fixed and can be viewed under a "Closed" tab, with upcoming features allowing dismissed alerts to be reopened. GitHub Advanced Security customers can now access organization-level alerts for a comprehensive view of their security posture. These updates are part of GitHub's ongoing efforts to address user feedback and improve the actionability and configurability of Dependabot alerts.