dependabot

dependabot / proxy

Public

Dependabot's HTTP proxy to authenticate requests to package registries, git servers, and the GitHub API

121
13
100% credibility
Found Feb 04, 2026 at 100 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

A secure helper that automatically handles authentication for software package fetches from private sources and services like GitHub.

How It Works

1
🔍 Discover Dependabot

You hear about a free tool that keeps your project's software packages automatically up to date.

2
📝 Share your private logins

You safely tell the tool about your private package sources by adding simple login details.

3
🚀 Start secure updates

With one click, the helper connects everything and begins fetching updates securely without extra effort.

4
📦 Grabs latest versions

It quietly adds your logins to every request, pulling the newest safe versions from anywhere.

5
Review suggestions

You get friendly pull requests showing exactly what changed and why it's better.

🎉 Project stays fresh

Your software runs smoothly with the latest secure updates, saving you time and worry.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 100 to 121 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is proxy?

Dependabot Proxy is a lightweight Go HTTP/HTTPS proxy that injects authentication into outbound requests from Dependabot to package registries, git servers, and the GitHub API. It solves credential sprawl in CI pipelines like dependabot github actions, letting you centralize dependabot github secrets and github_token for private registries without per-tool config. Dockerized for easy spins up on :1080, with JSON config for creds and env vars for job tokens.

Why is it gaining traction?

Handles auth for npm, Maven, Docker/ECR, Cargo, Helm, Composer, and more, plus git ops for github dependabot private repository and dependabot github enterprise. OIDC/JIT support cuts dependabot github pricing on token churn, while caching and metrics boost reliability in proxy github actions runs. Transparent proxying beats scattering auth in yamls or envs.

Who should use this?

Dependabot teams on GitHub Actions wrestling private package fetches or dependabot github advanced security scans. Suited for DevOps handling dependabot github configuration across ecosystems, or enterprise users needing proxy github http for github windows proxy quirks.

Verdict

Grab it for Dependabot-heavy workflows—thorough tests and Docker make it production-ready despite 118 stars and 1.0% credibility score. Maturity lags broad adoption (README-focused docs), so pair with official dependabot github packages guides.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.