Skip to content

Dependabot now updates your Actions workflows

GitHub Actions makes it easy to automate all your software workflows, from continuous integration and delivery to issue triage and more. Whether you want to build a container, deploy a…

Dependabot now updates your Actions workflows
Author

GitHub Actions makes it easy to automate all your software workflows, from continuous integration and delivery to issue triage and more. Whether you want to build a container, deploy a web service, or automate welcoming new users to your open source projects—there’s an action for that. Actions can be frequently updated with bug fixes and new features that might make your build faster, more reliable, and safer. To take advantage of updates to actions, you previously had to update your Actions workflow file manually. This led to some workflows using outdated versions of actions.

Now, Dependabot can keep the actions used in your workflow files updated automatically! Dependabot version updates will periodically check your workflow files and the Actions they use and see if new versions are available. If they are, Dependabot will send you a pull request that updates your workflow file to use the new version.

Dependabot creates pull requests that update the action to the latest released tag (e.g., v2), regardless of if you’re currently on a release tag, a pre-release tag, or a specific hash.

Dependabot version updates are fully configurable: you can control how often and when your workflow files are checked, who should be assigned to review the PR, and more.

To enable Dependabot version updates for GitHub Actions, check a dependabot.yml configuration file into your repository.

You can also use Dependabot version updates on a variety of other package ecosystems and tools, from Ruby’s bundler to .NET’s nuget to elm, using the same configuration file you just created to update your Actions workflows.

Learn more about:

Explore more from GitHub

Product

Product

Updates on GitHub products and features, hot off the press.
The ReadME Project

The ReadME Project

Stories and voices from the developer community.
GitHub Copilot

GitHub Copilot

Don't fly solo. Try 30 days for free.
Work at GitHub!

Work at GitHub!

Check out our current job openings.