---
title: Understanding your software supply chain
versions:
  fpt: '*'
  ghes: '*'
  ghec: '*'
topics:
  - Dependency graph
  - Dependencies
  - Repositories
shortTitle: Understand your supply chain
children:
  - /about-supply-chain-security
  - /about-the-dependency-graph
  - /dependency-graph-supported-package-ecosystems
  - /configuring-the-dependency-graph
  - /configuring-automatic-dependency-submission-for-your-repository
  - /exporting-a-software-bill-of-materials-for-your-repository
  - /using-the-dependency-submission-api
  - /about-dependency-review
  - /configuring-the-dependency-review-action
  - /customizing-your-dependency-review-action-configuration
  - /enforcing-dependency-review-across-an-organization
  - /exploring-the-dependencies-of-a-repository
  - /troubleshooting-the-dependency-graph
  - /immutable-releases
  - /preventing-changes-to-your-releases
  - /verifying-the-integrity-of-a-release
---