Millions of repos use Dependabot to keep their dependencies up to date, either by updating when a Dependabot alert lets them know about a vulnerable dependency (security updates), or on a fixed schedule (version updates). Dependabot security updates have been generally available for over a year, and it's time that version updates join them in general availability.

Dependabot version updates extend the functionality provided by security updates by creating pull requests updating all configured dependencies to their latest versions, staying ahead of potential security vulnerabilities. You can configure it to update selected ecosystems on your schedule, including or excluding desired dependencies.

Thanks to all Dependabot users who have filed issues, provided feedback, and helped us achieve this milestone.

Learn more about Dependabot version updates.

To see what's next for Dependabot, visit the public roadmap.