Dependabot now updates your Actions workflows
GitHub Actions makes it easy to automate all your software workflows, from continuous integration and delivery to issue triage and more. Whether you want to build a container, deploy a…

GitHub Actions makes it easy to automate all your software workflows, from continuous integration and delivery to issue triage and more. Whether you want to build a container, deploy a web service, or automate welcoming new users to your open source projects—there’s an action for that. Actions can be frequently updated with bug fixes and new features that might make your build faster, more reliable, and safer. To take advantage of updates to actions, you previously had to update your Actions workflow file manually. This led to some workflows using outdated versions of actions.
Now, Dependabot can keep the actions used in your workflow files updated automatically! Dependabot version updates will periodically check your workflow files and the Actions they use and see if new versions are available. If they are, Dependabot will send you a pull request that updates your workflow file to use the new version.
Dependabot creates pull requests that update the action to the latest released tag (e.g., v2), regardless of if you’re currently on a release tag, a pre-release tag, or a specific hash.
Dependabot version updates are fully configurable: you can control how often and when your workflow files are checked, who should be assigned to review the PR, and more.
To enable Dependabot version updates for GitHub Actions, check a dependabot.yml
configuration file into your repository.
You can also use Dependabot version updates on a variety of other package ecosystems and tools, from Ruby’s bundler to .NET’s nuget to elm, using the same configuration file you just created to update your Actions workflows.
Learn more about:
Tags:
Written by
Related posts

Explore the best of GitHub Universe: 9 spaces built to spark creativity, connection, and joy
See what’s happening at Universe 2025, from experimental dev tools and career coaching to community-powered spaces. Save $400 on your pass with Early Bird pricing.

Agents panel: Launch Copilot coding agent tasks anywhere on GitHub
Delegate coding tasks to Copilot and track progress wherever you are on GitHub. Copilot works in the background, creates a pull request, and tags you for review when finished.

Q1 2025 Innovation Graph update: Bar chart races, data visualization on the rise, and key research
Discover the latest trends and insights on public software development activity on GitHub with the quarterly release of data for the Innovation Graph, updated through March 2025.