OIDC support for Dependabot and code scanning

Published: April 14, 2026 at 04:29 PM EDT
Source: GitHub Changelog

What’s new

Organization administrators can configure OIDC‑based credentials for private registries across their organization. With OIDC‑based authentication, you can dynamically obtain short‑lived credentials from your cloud identity provider, just like GitHub Actions workflows using OIDC federation. This builds on earlier support for OIDC authentication in repository‑level dependabot.yml configuration files and extends it to the organization level, so you can centrally manage registry access for all repositories in your org.

Supported registries

  • AWS CodeArtifact
  • Azure DevOps Artifacts
  • JFrog Artifactory

Within the next four weeks, we will add support for Cloudsmith and Google Artifact Registry.

This feature is now generally available on github.com and will ship in GitHub Enterprise Server 3.22.

Learn more about configuring OIDC for Dependabot and code scanning at the organization level. You can also join the community discussion.
