GitHub Actions streamlines the automation of software workflows, including continuous integration and delivery, by providing a wide array of actions for tasks such as building containers and deploying web services. To keep these actions up-to-date with the latest features and bug fixes, Dependabot now offers automatic version updates for Actions workflow files, eliminating the need for manual updates that could lead to outdated versions. Dependabot periodically checks for new action versions and sends pull requests to update workflow files, regardless of the current tagging system used. This feature is highly customizable, allowing users to set the frequency of updates and assign reviewers for pull requests. Enabling Dependabot for GitHub Actions requires a dependabot.yml configuration file in the repository, which also supports updates for other package ecosystems like Ruby’s bundler and .NET’s nuget.