Dependabot

Dependabot is in use across the majority of stacks repositories. Dependabot allows tracking of statistics about projects and provides notifications about new vulnerabilities as they are found.

Dependabot can be accessed from the Ensono organisation under the Security Tab.

Info

Dependabot, as with SonarCloud, npm audit, OWASP Dependency Check etc., is dependent upon security feeds provided by other organisations. The majority of these services combine feeds from multiple organisations with their own research. It’s common to see differences between Dependabot and npm audit for this reason.