Dependabot Badge

Public repositories

To enable dependabot on a public repo (for the badge to working), you need to either

• login at https://app.dependabot.com/ then add it manually,
• or add a .dependabot/config.yml file to the repo.

Then you may include the badge in your repo like this PR.

Private repositories

In order to use the dependabot badge with a private GitHub repository you will need to get its id. You can use the GitHub API and curl to do this like so:

curl -u "$your_username" https://api.github.com/repos/$repo_owner/$repo_name

• $your_username is well your GitHub username for authentication.
• $repo_owner is the owner of the repo e.g. badgen.
• $repo_name is the name of the repo e.g. badgen-icons.

You will need to have read permissions for the repo for this to work, and once entering the command you will be prompted to provide a password for your GitHub account. If you use 2 factor authentication use one of the following 2 methods:

• Pass a 2 factor authentication code

  curl -u "$your_username" --header 'x-github-otp: $2fa_code' https://api.github.com/repos/$repo_owner/$repo_name
  

  • $2fa_code is the 2 factor authentication code from your phone.

• Pass a personal access token

  curl --header 'Authorization: token $pat_token' https://api.github.com/repos/$repo_owner/$repo_name
  

  • $pat_token is a personal authentication token (see this article).

Running one of the above curl commands should output a large JSON object of all the repository details, all we want is the "id" field, it should be the first item and be a 9 digit number.

Once you have found the id for your repo, you can use it with the badgen dependabot endpoint like so:

https://badgen.net/dependabot/badgen/example-private-repo/123456789?icon=dependabot

Examples

/dependabot/:owner/:repo/:identifier?

• /dependabot/thepracticaldev/dev.to?icon=dependabot status
• /dependabot/dependabot/dependabot-core?icon=dependabot status