What's better than Dependabot letting you know when you've got a vulnerable dependency? Dependabot showing you exactly how you call the vulnerable code path.
https://github.blog/2022-0...
Dependabot alerts now surface if your code is calling a vulnerability | The GitHub Blog
Today, we're shipping a new feature for Dependabot alerts which helps you better understand how you're affected by a vulnerability.