Introducing auto-triage rules for Dependabot
Blog post from GitHub
GitHub has opened a public beta of custom auto-triage rules for Dependabot. Developers can now define their own criteria for automatically dismissing or reopening Dependabot alerts, which cuts down on noise and the time spent on alerts that do not matter for a given repository. Since the initial release of Dependabot policies, over 250,000 repositories have opted in, and millions of alerts that needed no action have been auto-dismissed. Custom rules let teams direct attention to the alerts that matter by matching on attributes such as advisory severity, dependency scope (runtime versus development), and package name. The feature is free for public repositories and included in GitHub Advanced Security for private ones. Automated decisions remain visible: auto-dismissed alerts are still recorded and surface through the existing alert views and reporting integrations, so a rule never silently hides an alert from an audit. GitHub says future updates will expose more alert metadata for matching and add further enforcement options, giving finer control over how security updates are handled.
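To make the effect of a rule set concrete before enabling it, the following added example models auto-triage rules over alert records shaped like the Dependabot alerts REST API objects (`security_advisory.severity`, `dependency.scope`, `dependency.package.name`, `state`). This is illustrative code written for this page, not GitHub's implementation: real auto-triage rules are configured in the repository or organization security settings, not in code. The `Rule` and `triage` names are mine, the alert records are constructed, and the precedence of a matching reopen rule over a matching dismiss rule is an assumption made so that a package watchlist can act as an exception to a broad dismissal rule.

```python
"""Illustrative model of Dependabot auto-triage rules (added example, not GitHub code)."""
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Optional

# Severity values used by the Dependabot alerts API, ordered for comparison.
SEVERITY_RANK = {"low": 0, "medium": 1, "high": 2, "critical": 3}


@dataclass(frozen=True)
class Rule:
    """One triage rule. Every set criterion must match for the rule to apply."""
    name: str
    action: str                              # "dismiss" or "reopen"
    max_severity: Optional[str] = None       # match alerts at or below this severity
    scope: Optional[str] = None              # "development" or "runtime"
    packages: FrozenSet[str] = frozenset()   # package names; empty means any package

    def matches(self, alert: dict) -> bool:
        sev = alert["security_advisory"]["severity"]
        dep = alert["dependency"]
        if self.max_severity is not None and SEVERITY_RANK[sev] > SEVERITY_RANK[self.max_severity]:
            return False
        if self.scope is not None and dep["scope"] != self.scope:
            return False
        if self.packages and dep["package"]["name"] not in self.packages:
            return False
        return True


def triage(alerts: List[dict], rules: List[Rule]) -> Dict[int, str]:
    """Return {alert number: resulting state}.

    Assumption (not stated on the page): any matching reopen rule overrides any
    matching dismiss rule, so a package-specific reopen rule is an exception to
    broad dismissals. Alerts matched by no rule keep their current state.
    """
    result = {}
    for alert in alerts:
        hits = [r for r in rules if r.matches(alert)]
        if any(r.action == "reopen" for r in hits):
            result[alert["number"]] = "open"
        elif any(r.action == "dismiss" for r in hits):
            result[alert["number"]] = "auto_dismissed"   # state value used by the alerts API
        else:
            result[alert["number"]] = alert["state"]
    return result


def report(states: Dict[int, str]) -> Dict[str, int]:
    """Count alerts per state: the view a reporting integration would surface."""
    counts: Dict[str, int] = {}
    for s in states.values():
        counts[s] = counts.get(s, 0) + 1
    return counts


def _alert(number: int, name: str, scope: str, severity: str, state: str = "open") -> dict:
    """Build a trimmed alert record in the shape of the Dependabot alerts API."""
    return {
        "number": number,
        "state": state,
        "dependency": {"package": {"ecosystem": "npm", "name": name}, "scope": scope},
        "security_advisory": {"severity": severity},
    }


# Constructed sample alerts (package names chosen only as illustration).
ALERTS = [
    _alert(1, "lodash", "development", "low"),
    _alert(2, "express", "runtime", "high"),
    _alert(3, "minimist", "development", "medium"),
    _alert(4, "node-forge", "development", "critical"),
    _alert(5, "ua-parser-js", "development", "low"),
    _alert(6, "qs", "runtime", "medium", state="dismissed"),   # manually dismissed earlier
]

# Rule set: dismiss low-impact dev-only findings, but always keep a watchlist open.
RULES = [
    Rule("dev-low-impact", "dismiss", max_severity="medium", scope="development"),
    Rule("watchlist-reopen", "reopen", packages=frozenset({"ua-parser-js"})),
]


def run_example() -> Dict[int, str]:
    return triage(ALERTS, RULES)


if __name__ == "__main__":
    states = run_example()
    for number, state in sorted(states.items()):
        print(f"alert #{number}: {state}")
    print(report(states))
```

Running it shows the two behaviours worth checking before turning a rule on in production: the severity cap keeps the critical development-scope alert open even though the scope matches, and the watchlist rule keeps a low-severity alert open that the broad rule would otherwise dismiss. Because auto-dismissed alerts keep a distinct state rather than disappearing, the `report` counts still account for every alert.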