One million Dependabot pull requests merged

We’re celebrating an exciting milestone with one million Dependabot pull requests merged.

Author

July 25, 2019

When we first acquired Dependabot, we made it available as a GitHub app to give you the functionality to update your projects’ dependencies with pull requests. Those updates could be used to add support for new features, introduce performance improvements, or address security vulnerabilities.

Dependabot continues to help developers take care of tedious tasks so they can focus on what matters most for their projects. It’s come a long way from its first merged pull request in April 2017, and today we’re excited to announce that Dependabot just celebrated one million merged pull requests! 🎉

The one millionth pull request

The one millionth Dependabot pull request was merged by @magarcia, when they updated their Gatsby and GitHub Pages-powered personal blog by bumping the babel-preset-gatsby package from 0.2.1 to 0.2.7.

The process to check if a dependency is out-of-date, update it locally, find release notes for the new version, and submit a pull request may only take a few minutes—but it quickly adds up. What’s even more impressive about one million pull requests is the number of developer hours that have been saved. Without Dependabot for the past two years, we would have needed a team of engineers working solely on updating dependencies full-time. Instead, Dependabot can help those engineers focus on building new features, streamlining code, addressing bugs, and maintaining other high-priority projects.

Curious about how Dependabot can free up your time and keep your projects secure and up-to-date? Now you can install and configure it in a few clicks. Get it for free from GitHub Marketplace while we integrate it to make your workflow even more seamless.

Did you know? Dependabot also powers GitHub’s automated security fix pull requests—something we’re rolling out to all repositories that receive security alerts. GitHub will monitor your dependencies for known security vulnerabilities and automatically open pull requests to update them to the minimum required version.

Learn about automated security fixes

Tags:

GitHub Partners

GitHub partners with Arm to revolutionize Internet of Things software development with GitHub Actions

Developers creating Internet of Things software use a complex stack of software that needs to be custom built into their CI/CD platform. Arm is leveraging the simplicity and scalability of GitHub Actions with a native integration that will revolutionize IoT software development.

Laura Paine

New and simplified Enterprise and Partner Terms

Can agreement terms be a great user experience? This was the challenge GitHub’s legal department set for itself last year. We’re excited to announce all-new GitHub Customer Terms for our…

Leithia Williams

How MLOps can drive governance for machine learning: A conversation with Algorithmia

This post features a guest interview with Diego M. Oppenheimer, CEO at Algorithmia Over the past few years, machine learning has grown in adoption within the enterprise. More organizations are…

GitHub Partnerships