roadmap icon indicating copy to clipboard operation
roadmap copied to clipboard
verified publisher icon github

Dependabot supports configuration of a minimum package age before creating a PR [GA]

Open glider-bot opened this issue 11 months ago • 1 comments

Value Prop

This feature allows Dependabot users to optionally configure a delay for opening a Dependabot PR for a newly updated dependency until a certain amount of time has passed.

Expected Outcome

The cooldown feature helps teams improve security and reduce noise from frequent dependency updates by delaying Dependabot PRs for a configurable period, allowing time for patch releases and stabilizing updates without disrupting project workflows.

glider-bot avatar Feb 20 '25 20:02 glider-bot

🚢 This has shipped: https://github.blog/changelog/2025-07-01-dependabot-supports-configuration-of-a-minimum-package-age

Leaving open to track for GHES release!

ankneis avatar Jul 03 '25 21:07 ankneis