Dependabot for GitHub Enterprise

According to, Dependabot is now “GitHub-native”.

Will Dependabot be made available for self-hosted GitHub Enterprise?

You can see that this is a popular request from the reactions and comments on


Hi @bgrainger,

Thank you for being here! While we aim to keep and GitHub Enterprise Server as close to feature parity as possible, due to our release process and requirements of certain product features, sometimes porting features over to GitHub Enterprise Server presents significant challenges. That said, we know customers are very interested in this feature, and so it’s likely that you’ll see security scanning in GitHub Enterprise Server at some point. While I cannot provide a timeline for this, we’ll be sure to document it in the Release notes.

In case it’s helpful, vulnerability alerts are currently available in GitHub Enterprise Server.