MoreAI.tools
D
Dependabot (GitHub)
43
Stack Score
Editorial pick✓ Verified working
Dependabot (GitHub) logo

Dependabot (GitHub)

Automated dependency updates.

Best for

Best for any engineering team on GitHub — should be turned on as default.

At a glance

Pricing
free
Setup time
10 minutes
Learning curve
easy
Last verified
5/25/2026

What we love

  • Free with GitHub
  • Zero-config for most repos
  • Massive language coverage

Where it falls short

  • Can flood PRs without rule tuning
  • Some updates need manual review
  • GitHub-only

Pricing

✓ Pricing verified Jun 21, 2026

1 tier

Free

$0

forever

  • All Dependabot features

Overview

Dependabot (built into GitHub) scans dependencies, opens PRs for security and version updates, and supports custom update rules. Free for public repos, included in GitHub plans for private repos.

Key features

  • Auto-PR for updates
  • Security alerts
  • Version vs security separation
  • Custom schedule + rules
  • GitHub-native

Best use cases

Security patch automation

Auto-open PRs the moment a CVE drops in a dependency you use.

Major version upgrades

Schedule grouped version updates so you don't fall years behind.

Integrations

GitHub
npm
PyPI
Maven
NuGet
RubyGems
Go modules
Docker

One AI Stack pick every week.

The tool we’d pay for this week, why we’d pay for it, and what we’d skip. No promo spam.