Dependabot now supports bundler
v2 for both security and version updates.
Learn more about Dependabot version updates and security updates.
To see what’s next for Dependabot, visit the public roadmap.
Millions of repos use Dependabot to keep their dependencies up to date, either by updating when a Dependabot alert lets them know about a vulnerable dependency (security updates), or on a fixed schedule (version updates). Dependabot security updates have been generally available for over a year, and it's time that version updates join them in general availability.
Dependabot version updates extend the functionality provided by security updates by creating pull requests updating all configured dependencies to their latest versions, staying ahead of potential security vulnerabilities. You can configure it to update selected ecosystems on your schedule, including or excluding desired dependencies.
Thanks to all Dependabot users who have filed issues, provided feedback, and helped us achieve this milestone.
Learn more about Dependabot version updates.
To see what's next for Dependabot, visit the public roadmap.
Dependabot now supports bundler
v2 for both security and version updates.
Learn more about Dependabot version updates and security updates.
To see what’s next for Dependabot, visit the public roadmap.
Code Scanning alerts from all enabled tools are now shown in one consolidated list, so that you can easily prioritise across all alerts. You can view alerts from a specific tool by using the Tool filter, and the Rule and Tag filters will dynamically update based on your Tool selection.