You can use Dependabot to keep the packages you use updated to the latest versions.
You can upgrade to GitHub-native Dependabot by merging a pull request that will allow your dependencies to continue being updated.
You can configure your repository so that Dependabot automatically updates the packages you use.
You can view the dependencies that Dependabot monitors for updates.
You manage pull requests raised by Dependabot in much the same way as other pull requests, but there are some extra options.
Examples of how you can use GitHub Actions to automate common Dependabot related tasks.
You can store sensitive information, like passwords and access tokens, as encrypted secrets and then reference these in the Dependabot configuration file.
You can customize how Dependabot maintains your dependencies.
Detailed information for all the options you can use to customize how Dependabot maintains your repositories.
You can use Dependabot to keep the actions you use updated to the latest versions.
All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.
Or, learn how to contribute.