Comment by romantomjak

The GitHub security alert digest[1] is a real thing. It's a feature of GitHub where they report security vulnerabilities in your project's dependencies. For example, if you use python and you have specified requests library in your requirements.txt, GitHub will send you emails about disclosed vulnerabilities in that library, urging you to upgrade to a higher version where it's fixed.

[1] https://docs.github.com/en/code-security/dependabot/dependab...