How to integrate Jigit with GitHub Dependabot

This guide covers setting up Jigit - Jira GitHub & GitLab Integration with GitHub Dependabot.

What is Dependabot?

Dependabot is an automated dependency management tool from GitHub that helps keep the dependencies in your software projects up to date.

You can find a more detailed setup guide for Dependabot here.

Getting Started

To begin, ensure Dependabot is enabled on your repositories on GitHub.

Navigate to the image-20240426-083131.png section of the main page of the repository in question:

image-20240426-083235.png

From your Security Overview, ensure Dependabot Alerts are enabled:

image-20240426-083316.png
image-20240426-083352.png

If you don’t see Dependabot under Vulnerability alerts in the Security Overview, it means you don’t have access to security alerts, and would need to request permissions from an administrator as follows:

image-20240426-083431.png

Once the above is confirmed, we can move on to the Jigit setup.

Jigit Setup and GitHub Integration

Go to your Project settings and then select image-20240426-083555.png. From here select the GitHub security alert configurations tab and add a new configuration, integrating with GitHub similar to the following. Be sure to link to your specific repository or group:

image-20240913-142426.png

If everything has been set up correctly and successfully integrated with GitHub, you should see image-20240426-084611.png at the bottom of your Project Sidebar to the left, as shown below. If it’s not shown initially, please refresh the page. Clicking this button will take you to the Vulnerabilities screen.

image-20240426-083733.png

Below is an example of the Vulnerabilities screen, showing a list of vulnerabilities with their severity, current status, when they were introduced, and relevant identifiers.

image-20240426-083903.png

From here, you can use the search bar to locate specific vulnerabilities, or limit your selection with a series of filters as shown below. It’s also possible to filter by Repository.

image-20240426-083949.png

Additionally, you can use the Actions menu to the right of each vulnerability, as shown below:

image-20240426-084030.png

It is possible to create an issue that is linked to the vulnerability:

image-20240426-084056.png

Alternatively, you can link the vulnerability issues together as shown here:

image-20240426-084148.png

Once issues are linked together, they can be seen to the right of vulnerabilities under the issues column:

image-20240426-084258.png

This setup will allow you to quickly and easily review and address vulnerabilities directly from your project in Jira.
