Dependabot

@dependabot

A friendly robot that helps you keep your Ruby, JavaScript, Python, PHP, Elixir, Rust, Go, Java, .NET and Elm dependencies up to date

dependabot.com
Joined May 2017
31 Photos and videos Photos and videos

Tweets

You blocked @dependabot

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @dependabot

  1. Retweeted
    7 hours ago

    Just merged our 500th dependency update PR from inside of the repos. 🤖👌Thanks for making it so easy to keep dependencies up to date.

    2 retweets 4 likes
    Undo
  2. Retweeted
    Oct 4

    OHAI Rubyists. Nokogiri 1.8.5 has been released, containing upstream libxml2 security patches ("medium") and a few bug fixes. For more details start at Also, here's a picture of my cat being a dummy.

    2 retweets 12 likes
    Undo
  3. Retweeted
    Oct 3

    New blog content from ⁦⁩ on the engineering blog detailing how we approached our chunky upgrade to ⁦⁩ 5.2

    11 retweets 9 likes
    Undo
  4. Retweeted
    Oct 1

    Set up on some repos today. Enables you to be lazier while ensuring dependencies are up-to-date. All new projects should have: - automated dependency checking ( or equiv) - file - auto code formatting - good error tracking (e.g. )

    2 retweets 8 likes
    Undo
  5. Retweeted
    Sep 28

    Upgrading GitHub from Rails 3.2 to 5.2 by

    4 replies 148 retweets 299 likes
    Undo
  6. Sep 20

    If your using Dependabot with Maven you can expect a couple of extra PRs from us tomorrow morning - just schooled us on handling plugins that use the default Maven groupID. Open source works! 🙏🤖

    1 retweet 1 like
    Undo
  7. Sep 20

    Ever changed your default branch in GitHub and had to manually update all your pull requests? Dependabot now automatically updates its pull requests when it detects the default branch has changed. 🍸

    7 likes
    Undo
  8. Retweeted
    Sep 18

    A new version is out! Read more about Bundler 1.16.5 in the changelog at

    3 retweets 9 likes
    Undo
  9. Sep 10

    Dependabot now supports Elm 0.19 🎉 

    1 reply 1 retweet 4 likes
    Undo
  10. Retweeted
    Sep 8

    Are there any other London start-ups with as many alum starting their own thing as ? - pgMustard 🖥 - ✈️ - ✨ - 🤖 - 🛳 - innovate42 📋

    1 reply 8 retweets 38 likes
    Show this thread
    Show this thread
    Undo
  11. Retweeted
    Sep 6

    Would you be interested in helping us maintain ? If so, get in touch and I’ll chat with you about first steps to get involved.

    10 replies 44 retweets 34 likes
    Undo
  12. Retweeted
    Sep 5

    Bahaha is doing a great job here at . An application I maintain was using an out-of-date version of a library that I also maintain. Everyone go and install this bot.

    1 reply 6 retweets 13 likes
    Undo
  13. Retweeted
    Sep 5

    Stop failing at using open source software in your organisation by following a few, simple tips:

    15 retweets 28 likes
    Undo
  14. Retweeted
    Sep 4

    Have been using for two weeks now and it's really cool: it's not limited to one language and works with pipenv, you can configure how many PRs should be opened, when the service should check for updates, etc. Highly recommended!

    1 retweet 1 like
    Undo
  15. Sep 3

    If you’re using Pipenv but running `pipenv lock -r` to generate a requirements.txt file Dependabot will now keen that requirements file up-to-date when it updates your Pipfile.lock 🤖🍸

    1 like
    Undo
  16. Sep 2

    It looks like this is now resolved. Thanks for your patience.

    Show this thread
    Show this thread
    Undo
  17. Sep 1

    We’re still seeing this issue, but now only for projects that use Yarn. We’ll continue to monitor, and can only apologise for any inconvenience.

    1 reply
    Show this thread
    Show this thread
    Undo
  18. Sep 1

    If you’re seeing errors when Dependabot attempts to rebase your JS pull requests it’s due to the current npm DNS issues. We’re monitoring it and will rebase all out-of-date PRs when resolved. Sorry for any inconvenience in the meantime.

    1 reply 6 likes
    Show this thread
    Show this thread
    Undo
  19. Aug 31

    Vulnerability in rubyzip disclosed less than an hour ago. Dependabot has already created over 250 PRs to migrate users to the new, patched version.

    1 reply 3 retweets 12 likes
    Undo
  20. Aug 30

    Dependabot now integrates with 's OSS Index to create PRs for insecure Java and .NET dependencies. 🕵️‍♀️ 

    1 reply 2 retweets 5 likes
    Undo

@dependabot hasn't Tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·