 The Dependency Scanning feature can automatically find security vulnerabilities in your dependencies while you're developing and testing your applications. For example, Dependency Scanning lets you know if your application uses an internal library that is known to be vulnerable. Here we see a merge request. When expanding the Security Scanning section, we can scroll down and see that Dependency Scanning has detected 10 potential vulnerabilities. They're sorted by severity. When clicking on a vulnerability, we can see detailed information on that vulnerability as well as how to resolve it. These vulnerabilities are also actionable. You can dismiss it and provide a comment to the security team. You can also create a confidential issue to collaborate on it later.