Enable Dependabot alerts for vulnerability detection

### Summary

Enable GitHub Dependabot vulnerability alerts for the repository so known vulnerable dependencies are automatically detected and surfaced early in the Security tab.

### Goals

- Detect vulnerable dependencies automatically via GitHub’s advisory database.
- Surface alerts in Security → Dependabot alerts for maintainers to triage.
- Improve baseline security posture with minimal maintenance overhead.

### Non-Goals

- Automatic version update PRs (Dependabot version updates).
- Replacing other security controls (CodeQL, review, etc.).
- Establishing SLA policies for alert remediation in this ticket.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Enable Dependabot alerts for vulnerability detection #23

Summary

Goals

Non-Goals

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Enable Dependabot alerts for vulnerability detection #23

Description

Summary

Goals

Non-Goals

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions