All updates
Written by Mar 17, 2026

github: Dependabot now detects malware in npm dependencies

Mar 17, 2026

Dependabot can now alert on npm dependencies that match known malware advisories. When malware alerting is enabled, it checks repository npm dependencies against malicious package versions.

Sponsored by GitAds