Skip to content

Dependabot supports configuration of a minimum package age before creating a PR [GA] #1105

New issue
New issue
Open
Open
Dependabot supports configuration of a minimum package age before creating a PR [GA]#1105
Labels
GHES 3.18GHES 3.18GitHub Advanced Security (GHAS)Product SKU: GitHub Advanced SecuritygaFeature phase: Generally available
@glider-bot

Description

@glider-bot
glider-bot
opened on Feb 20, 2025

Value Prop

This feature allows Dependabot users to optionally configure a delay for opening a Dependabot PR for a newly updated dependency until a certain amount of time has passed.

Expected Outcome

The cooldown feature helps teams improve security and reduce noise from frequent dependency updates by delaying Dependabot PRs for a configurable period, allowing time for patch releases and stabilizing updates without disrupting project workflows.

Metadata

Metadata

Assignees

No one assigned

    Labels

    GHES 3.18GHES 3.18GitHub Advanced Security (GHAS)Product SKU: GitHub Advanced SecuritygaFeature phase: Generally available

    Type

    No type

    Projects

    GitHub Public Roadmap

    Status

    Q2 2025 – Apr-Jun

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions