You can sort and filter Dependabot alerts by typing filters as `key:value` pairs into the search bar.

| Option | Description | Example |
|---|---|---|
| `CVE-ID` | Displays alerts associated with this CVE-ID | `CVE-2020-28482` will show any alerts whose underlying advisory has this CVE ID number. |
| `ecosystem` | Displays alerts for the selected ecosystem | Use `ecosystem:npm` to show Dependabot alerts for npm |
| `GHSA-ID` | Displays alerts associated with this GHSA-ID | `GHSA-49wp-qq6x-g2rf` will show any alerts whose underlying advisory has this GitHub Advisory Database ID. |
| `has` | Displays alerts meeting the selected filter criteria | Use `has:patch` to show alerts related to advisories that have a patch |
| `is` | Displays alerts based on their state | Use `is:open` to show open alerts |
| `manifest` | Displays alerts for the selected manifest | Use `manifest:webwolf/pom.xml` to show alerts on the pom.xml file of the webwolf application |
| `package` | Displays alerts for the selected package | Use `package:django` to show alerts for django |
| `resolution` | Displays alerts of the selected resolution status | Use `resolution:no-bandwidth` to show alerts previously parked due to lack of resources or time to fix them |
| `repo` | Displays alerts based on the repository they relate to. Note that this filter is only available for security overview. For more information, see About security overview. | Use `repo:octocat-repo` to show alerts in the repository called octocat-repo |
| `scope` | Displays alerts based on the scope of the dependency they relate to | Use `scope:development` to show alerts for dependencies that are only used during development |
| `severity` | Displays alerts based on their level of severity | Use `severity:high` to show alerts with a severity of High |
| `sort` | Displays alerts according to the selected sort order | The default sorting option for alerts is `sort:most-important`, which ranks alerts by importance. Use `sort:newest` to show the latest alerts reported by Dependabot. |
| `team` | Displays data for all repositories that the specified team has write access or admin access to. For more information on repository roles, see Repository roles for an organization. | Use `team:octo-team` to show alerts for repositories that the octo-team team has write access to. |
| `topic` | Displays data for all repositories that are classified with a specific topic. For more information on repository topics, see Classifying your repository with topics. | Use `topic:nextjs` to show alerts for repositories that are classified with the nextjs topic. |