Dependabot is joining GitHub

Dependabot has been acquired by GitHub and we couldn't be more excited!

GitHub + Dependabot

Here's what you need to know:

  • We're integrating Dependabot directly into GitHub, starting with security fix PRs ๐Ÿ‘ฎโ€โ™‚๏ธ
  • You can still install Dependabot from the GitHub Marketplace whilst we integrate it into GitHub, but it's now free of charge ๐ŸŽ
  • We've doubled the size of Dependabot's team; expect lots of great improvements over the coming months ๐Ÿ‘ฉโ€๐Ÿ’ป๐Ÿ‘จโ€๐Ÿ’ป๐Ÿ‘ฉโ€๐Ÿ’ป๐Ÿ‘จโ€๐Ÿ’ป๐Ÿ‘ฉโ€๐Ÿ’ป๐Ÿ‘จโ€๐Ÿ’ป

It's a dream outcome for us at Dependabot, and we can't wait to bring automated dependency updates to millions of GitHub users.

If you're an existing Dependabot customer, the changes you'll notice are:

  1. Dependabot is now free. You'll no longer be billed for it, and if you paid for future months, we'll be in touch to refund you.
  2. In time, you'll be able to configure Dependabot within GitHub, so you'll no longer need the Dependabot dashboard.

Thank you for making Dependabot what it is today. Your feedback, bug reports and encouragement over the last two years have been invaluable. We couldn't have built Dependabot without you.

Grey, Harry and Philip

Questions you may have

What is happening to the existing Dependabot product?

The existing Dependabot app has been renamed to "Dependabot Preview." It will remain available in the GitHub Marketplace, fully supported and now free of charge, whilst we integrate its features directly into GitHub.

Can new users still sign up?

Yes! If you're not already a Dependabot user, we encourage you to give "Dependabot Preview" a try. We'll use your feedback on it to inform the integration with GitHub.

Who do we contact with any other questions?

As always, you can reach us on with any questions, or post to our public feedback repo.

Whatโ€™s happening to my paid membership?

Dependabot is now free. You'll no longer be billed for it, and if you paid for future months, we'll be in touch to refund you.

Will there be any changes to Dependabot's privacy policy?

We're not planning to make any changes to Dependabot's privacy policy.

Will dependabot-core remain open source?

Dependabot Core is currently source available and hosted here. It will remain source available, with a license in keeping with the intention in the project's README.

Dependabot helps keep your dependencies up-to-date. It's free for personal accounts and open source, and always will be.

Find out moreTake me to the app