Dependabot for Ruby

Dependabot creates pull requests to keep your Ruby dependencies up-to-date.


Ruby is one of our best supported languages. As well as Dependabot's core features it has:

Version conflicts taken care of

Dependabot considers resolvability when determining available version updates. Dependabot PRs will always resolve for your Gemfile and Ruby version.

Multi-dependency updates when required

If updating to the latest version of a dependency requires multiple dependencies to be updated at once then Dependabot will propose a multi-dependency update.

Support for git sources and private registries

Dependabot can handle alternative gem sources, as well as the main Rubygems registry. It even knows when a git commit you've pinned to is included in a release.

Gemfile and gemspec requirement updates

Dependabot will propose updates to your Gemfile and/or gemspec, as well as your Gemfile.lock. Alternatively, you can set Dependabot to only make lockfile updates.

Flexible monorepo support

Using a monorepo? No problem - you can specify one or many directories within a repo for Dependabot to look for dependency files in.

Custom branches and labels

By default, Dependabot will create PRs against your default branch and label them with "dependencies". Want to use a different branch or label? No problem.