yarn audit versus Dependabot Vulnerability Alerts

[neilgamb]

Is this coming from the same source? When I run yarn audit on my repo, I'm showing:

yarn audit v1.22.19
0 vulnerabilities found - Packages audited: 2169
✨  Done in 3.85s.

But I'm also showing a bunch of dependabot alerts in my repo's security tab.

Btw, I have a few deps listed in my resolutions section of my package.json:

  "resolutions": {
    "node-forge": "^1.3.1",
    "immer": "^9.0.6",
    "nth-check": "^2.0.1",
    "shell-quote": "^1.7.3",
    "glob-parent": "^6.0.1",
    "ansi-html": "^0.0.8",
    "browserslist": "^4.16.8"
  },