We believe in a developer-first approach to security. Starting February 7, anyone with repository write or maintain roles will be able to view and act on Dependabot alerts by default, better empowering developers to keep their code secure.
https://github.blog/2023-01-17-dependabot-alerts-are-now-visible-to-more-developers/

https://twitter.com/github/status/1618659282416713735