Weekly bumping

We just shipped a handy little new feature: the ability to reduce the frequency of dependency updating from daily to weekly.

Daily updates will remain as the default option---hearing about new versions sooner rather than later is always preferred. However, for projects that have a lot of dependencies that are often updated, weekly updating may suit you better.

If you do decided to use weekly bumping, it might be worth checking out services like Snyk to ensure you still hear about vulnerabilities promptly.

Weekly bumping demo

Thanks to Stuart Harrison for suggesting this improvement! We love hearing your feedback, so keep it coming.

Dependabot helps keep your dependencies up-to-date. It's free for personal accounts and open source, and always will be.

Find out moreTake me to the app