
Github

Github Advisory database

Dependabot is the way Github alerts you about security vulnerabilities in open source dependencies. The Github Advisory Database is where Dependabot draws its knowledge from: it is the database Dependabot uses to identify vulnerabilities in dependencies.

Detect hardcoded secrets using Github actions

Production passwords, tokens, AWS credentials and other types of secrets should be kept confidential and away from the prying eyes of hackers or malicious insiders. In simple terms, no one should know production database passwords, admin passwords, AWS credentials etc. unless there are legitimate business reasons that mandate it. Therefore, keeping these secrets hard-coded in Github repositories must be strictly prohibited.

Github GraphQL for AppSec metrics

GraphQL is a powerful way of interacting with an API to fetch a data object containing all, or at least most, of the information that you need. It resembles REST in the way it works, but it is more powerful and faster. Instead of using multiple requests to query the server for different pieces of data that then need to be stitched together, GraphQL lets you fetch a single custom-defined object with a single call.