← 返回首页
GitHub - dependabot/example-cli-usage at 2b97887ddb35cb2c10271d4d0bf45c938d020a91 · GitHub
Skip to content

Navigation Menu

Toggle navigation
Sign in
Appearance settings
Search or jump to...

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Appearance settings
Resetting focus

dependabot/example-cli-usage

 2b97887
Go to file
Code

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
View all files

Repository files navigation

More items

Example CLI Usage

This repo serves as an example of how to use Dependabot CLI for updates. It is intended as a starting point for advanced users to run a self-hosted version of Dependabot within their own projects.

If you're looking for a hassle-free Dependabot experience, check out the hosted Dependabot Service.

This repo uses an Action which downloads and runs Dependabot CLI. To run the Action you would go to the Action in the Actions tab, and run it.

To see what the results look like, go check out the Pull Requests.

Implementation details

The Action is defined at .github/workflows/example.yml.

It contains two jobs, the first downloads and runs Dependabot CLI. The input for the Dependabot CLI job is .github/dependabot/go.yml. See the Dependabot CLI repo for more info on inputs such as credentials and groupings.

The results are redirected to a file and uploaded as artifacts.

The second job downloads the artifact and creates PRs from it using the script create.sh.

The reason there are two jobs is Dependabot CLI should only run with read-only tokens as some ecosystem may execute arbitrary code. To achieve that in Actions we must use two jobs with permissions defined differently.

Also take a look at the Dependabot Smoke Tests repo for example inputs and expected outputs.

Where can I go for help?

If you are having issues with the updates to a specific ecosystem, head over to dependabot-core.

If there is a problem with running the Dependabot CLI, report that in the CLI repo.

We do not provide direct support for the scripts and workflows in this repo, this is only to serve as an example.

About

Demonstrates how to self-host Dependabot

Resources

License

Security policy

Stars

49 stars

Watchers

8 watching

Forks

Contributors

Footer

© 2026 GitHub, Inc.