Tell HN: GitHub's Dependabot REST API is silently returning incomplete results
As of this morning (March 27, 2026), the GitHub Dependabot Alerts REST API endpoint (GET /repos/{owner}/{repo}/dependabot/alerts) is silently returning empty or partial results.
Our app hits this endpoint across hundreds of GitHub orgs. Starting around 07:00 UTC today, we noticed massive drops in alert counts. Digging in, we confirmed the API simply isn't returning alerts that are clearly visible in the GitHub UI.
Reproducible example on our own org:
$ gh api repos/{org}/{repo}/dependabot/alerts
[]
Meanwhile https://github.com/{org}/{repo}/security/dependabot shows 9 open alerts.
Key details:
- The REST API returns [] or a fraction of the real count
- The GraphQL API still returns correct results
- The GitHub UI shows the right number
- No error, no rate limit, no 4xx, just silently incomplete data
- We're seeing this across many orgs, not just one
This is particularly nasty because there's no signal that anything is wrong. If you're relying on this endpoint for compliance or any automation, you're getting stale data right now and you won't know unless you cross-check.
Nothing on https://www.githubstatus.com as of writing.
Anyone else seeing this?

You can trust Microsoft of all companies to make a product with "depend" in the name become unreliable.

I think they need to replace more developers with AI. The developers clearly make too many errors!

I believe you've always been supposed to handle pagination for this API: https://docs.github.com/en/rest/using-the-rest-api/using-pag...

Paginated-by-default APIs are an annoying pattern, like GitLab CI suddenly breaking after 20 builds, etc. I wish they would start making the pagination parameters required.

Indeed this API requires pagination, but the behavior we are seeing is that even the first page misses entries. A few days ago my test repo was showing 9 open issues in the API and in the UI. Today it's 1 in the API and 9 in the UI :( !

I have the same problem, but you can switch to the GraphQL API, it still provides the full dependabot alerts. For me it's a lot slower though, because I need more nested queries to get the same data.

Seeing the exact same behavior :(

Looks like it's been fixed now!

yup, same. I've been seeing this since Friday

Looks like it's been fixed now!
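
The cross-check the original post recommends, as an added example that is not part of the thread: it compares the open alerts from an already paginated REST listing with the GraphQL `vulnerabilityAlerts` connection for the same repository and reports the repos where the two disagree. The repo names and response payloads are constructed, and `cross_check`, `audit` and `_gql` are names chosen here.

```python
# Added example: cross-check REST Dependabot alerts against GraphQL.
# All sample data below is constructed; org/repo names are placeholders.

# GraphQL counterpart of GET /repos/{owner}/{repo}/dependabot/alerts.
QUERY = """
query($owner: String!, $repo: String!) {
  repository(owner: $owner, name: $repo) {
    vulnerabilityAlerts(first: 100, states: OPEN) {
      totalCount
      nodes { number }
    }
  }
}
"""

def cross_check(rest_alerts, graphql_response):
    """Return a report comparing open alerts seen by each API for one repo."""
    if graphql_response.get("errors"):
        raise ValueError(f"GraphQL errors: {graphql_response['errors']}")
    conn = graphql_response["data"]["repository"]["vulnerabilityAlerts"]
    rest_open = {a["number"] for a in rest_alerts if a["state"] == "open"}
    gql_open = {n["number"] for n in conn["nodes"]}
    missing = sorted(gql_open - rest_open)
    return {
        "rest_open": len(rest_open),
        "graphql_total": conn["totalCount"],
        "missing_from_rest": missing,
        # totalCount also covers alerts beyond the first 100 nodes.
        "consistent": not missing and len(rest_open) == conn["totalCount"],
    }

def audit(repos):
    """repos maps 'org/repo' -> (rest_alerts, graphql_response); return bad ones."""
    reports = {name: cross_check(rest, gql) for name, (rest, gql) in repos.items()}
    return {name: r for name, r in reports.items() if not r["consistent"]}

def _gql(numbers):  # build a constructed GraphQL response
    nodes = [{"number": n} for n in numbers]
    return {"data": {"repository": {"vulnerabilityAlerts": {
        "totalCount": len(nodes), "nodes": nodes}}}}

SAMPLE = {  # constructed: REST [] vs 9, REST 1 vs 9, and a matching repo
    "example-org/empty": ([], _gql(range(1, 10))),
    "example-org/partial": ([{"number": 4, "state": "open"}], _gql(range(1, 10))),
    "example-org/healthy": ([{"number": 1, "state": "open"},
                             {"number": 2, "state": "fixed"}], _gql([1])),
}

if __name__ == "__main__":
    for name, report in audit(SAMPLE).items():
        print(name, report)
```

Alerting on a non-empty `audit()` result gives the signal the REST endpoint itself does not: a 200 response with `[]` is flagged whenever GraphQL still reports open alerts.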