EDI-fy "Configuring Dependabot security updates" (#59214)

sabrowning1 · web-flow · commit b8e042945018 · 2026-02-19T13:44:11.000Z
diff --git a/content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-dependabot-security-updates.md b/content/code-security/how-tos/secure-your-supply-chain/secure-your-dependencies/configuring-dependabot-security-updates.md
@@ -29,24 +29,6 @@ contentType: how-tos
 
 {% data reusables.dependabot.enterprise-enable-dependabot %}
 
-## About configuring {% data variables.product.prodname_dependabot_security_updates %}
-
-You can enable {% data variables.product.prodname_dependabot_security_updates %} for any repository that uses {% data variables.product.prodname_dependabot_alerts %} and the dependency graph. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates).
-
-You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for an individual repository, for a selection of repositories in an organization, or for all repositories owned by your personal account or organization. For more information about enabling security features in an organization, see {% ifversion security-configurations %}[AUTOTITLE](/code-security/securing-your-organization/enabling-security-features-in-your-organization).{% else %}[AUTOTITLE](/code-security/getting-started/quickstart-for-securing-your-organization).{% endif %}
-
-{% data reusables.dependabot.dependabot-security-updates-disable-for-alert-rules %}
-
-{% ifversion fpt or ghec %}{% data reusables.dependabot.dependabot-tos %}{% endif %}
-
-## Supported repositories
-
-{% data variables.product.prodname_dotcom %} automatically enables {% data variables.product.prodname_dependabot_security_updates %} for newly created repositories if your personal account or organization has enabled **Automatically enable for new repositories** for {% data variables.product.prodname_dependabot_security_updates %}. For more information, see [Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories](#managing-dependabot-security-updates-for-your-repositories).
-
-If you create a fork of a repository that has security updates enabled, {% data variables.product.prodname_dotcom %} will automatically disable {% data variables.product.prodname_dependabot_security_updates %} for the fork. You can then decide whether to enable {% data variables.product.prodname_dependabot_security_updates %} on the specific fork.
-
-If security updates are not enabled for your repository and you don't know why, first try enabling them using the instructions given in the procedural sections below. If security updates are still not working, you can contact {% data variables.contact.contact_support %}.
-
 ## Managing {% data variables.product.prodname_dependabot_security_updates %} for your repositories
 
 You can enable or disable {% data variables.product.prodname_dependabot_security_updates %} for all qualifying repositories owned by your personal account or organization. For more information, see [AUTOTITLE](/account-and-profile/setting-up-and-managing-your-personal-account-on-github/managing-personal-account-settings/managing-security-and-analysis-settings-for-your-personal-account) or [AUTOTITLE](/organizations/keeping-your-organization-secure/managing-security-settings-for-your-organization/managing-security-and-analysis-settings-for-your-organization).
@@ -62,7 +44,7 @@ You can also enable or disable {% data variables.product.prodname_dependabot_sec
 
 ## Grouping {% data variables.product.prodname_dependabot_security_updates %} into a single pull request
 
-To reduce the number of pull requests you may be seeing, you can enable grouped security updates for your repository or organization. When this is enabled, {% data variables.product.prodname_dependabot %} will group security updates into one pull request for each package ecosystem. In order to use grouped security updates, you must first enable the following features:
+In order to use grouped security updates, you must first enable the following features:
 
 * **Dependency graph**. For more information, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/configuring-the-dependency-graph).
 * **{% data variables.product.prodname_dependabot_alerts %}**. For more information, see [AUTOTITLE](/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts).
@@ -76,8 +58,6 @@ To reduce the number of pull requests you may be seeing, you can enable grouped
 
 ### Enabling or disabling grouped {% data variables.product.prodname_dependabot_security_updates %} for an individual repository
 
-Repository administrators can enable or disable grouped security updates for their repository. Changing the repository setting will override any default organization settings. {% data reusables.dependabot.dependabot-grouped-security-updates-yaml-override %}
-
 {% data reusables.repositories.navigate-to-repo %}
 {% data reusables.repositories.sidebar-settings %}
 {% data reusables.repositories.navigate-to-code-security-and-analysis %}
@@ -89,8 +69,6 @@ Repository administrators can enable or disable grouped security updates for the
 
 {% else %}
 
-Organization owners can enable or disable grouped security updates for all repositories in their organization. However, repository administrators within the organization can update the settings for their repositories to override the default organization settings. {% data reusables.dependabot.dependabot-grouped-security-updates-yaml-override %}
-
 {% data reusables.profile.access_org %}
 {% data reusables.profile.org_settings %}
 {% data reusables.organizations.security-and-analysis %}
diff --git a/content/code-security/reference/supply-chain-security/dependabot-security-updates.md b/content/code-security/reference/supply-chain-security/dependabot-security-updates.md
@@ -0,0 +1,27 @@
+---
+title: Dependabot security updates reference
+shortTitle: Dependabot security updates
+intro: Find usage information for {% data variables.product.prodname_dependabot_security_updates %}.
+topics:
+  - Dependency graph
+  - Dependencies
+  - Vulnerabilities
+  - Repositories
+versions:
+  fpt: '*'
+  ghec: '*'
+  ghes: '*'
+contentType: reference
+---
+
+## Priority of grouped security update settings
+
+Settings for grouped {% data variables.product.prodname_dependabot_security_updates %} are applied in the following order, from highest to lowest priority:
+
+1. Settings defined in a `dependabot.yml` file. See [About the `dependabot.yml` file](/code-security/reference/supply-chain-security/dependabot-options-reference#about-the-dependabotyml-file).
+1. Repository-level settings defined in the UI
+1. Organization-level settings defined in the UI
+
+## Enablement for forked repositories
+
+If you create a fork of a repository that has security updates enabled, {% data variables.product.prodname_dotcom %} will automatically disable {% data variables.product.prodname_dependabot_security_updates %} for the fork. You can then decide whether to enable {% data variables.product.prodname_dependabot_security_updates %} on the specific fork.
diff --git a/content/code-security/reference/supply-chain-security/index.md b/content/code-security/reference/supply-chain-security/index.md
@@ -22,6 +22,7 @@ children:
   - /supported-ecosystems-and-manifests-for-dependency-scope
   - /dependabot-pull-request-comment-commands
   - /supported-ecosystems-and-repositories
+  - /dependabot-security-updates
   - /dependency-graph-supported-package-ecosystems
   - /dependabot-on-actions
   - /dependabot-errors
