GitHubCross-Directory Dependency Grouping
Dependabot has added the ability to group updates by dependency name across multiple directories, streamlining dependency management in repositories with complex structures. Previously, if a dependency needed updating in multiple directories, Dependabot would generate a separate pull request for each directory.
Before and After
Previous behavior: Upgrading a single dependency like requests across three directories would create three individual pull requests:
chore(deps): bump requests in /service-achore(deps): bump requests in /service-bchore(deps): bump requests in /service-c
New behavior: These updates are now consolidated into a single pull request, regardless of the number of affected directories.
Impact and Use Cases
This change is especially valuable for monorepos where a single dependency bump can touch dozens of directories. The consolidation reduces noise in pull request queues and simplifies the review and merge workflow.
Getting Started
Configure directory groups in your repository's dependabot.yml file using the updated Dependabot configuration documentation. This feature is available for all github.com users and will ship in GitHub Enterprise Server (GHES) 3.21.