# Dependabot security updates reference

Find usage information for Dependabot security updates.

## Priority of grouped security update settings

Settings for grouped Dependabot security updates are applied in the following order, from highest to lowest priority:

1. Settings defined in a `dependabot.yml` file. See [About the `dependabot.yml` file](/en/code-security/reference/supply-chain-security/dependabot-options-reference#about-the-dependabotyml-file).
2. Repository-level settings defined in the UI
3. Organization-level settings defined in the UI

## Enablement for forked repositories

If you create a fork of a repository that has security updates enabled, GitHub will automatically disable Dependabot security updates for the fork. You can then decide whether to enable Dependabot security updates on the specific fork.