Dependabot Now Supports uv

As of March 13, 2025, Dependabot officially supports uv.

Dependabot is GitHub’s automated dependency management tool that continuously monitors repositories for outdated or insecure dependencies, automatically creating pull requests to update them to the latest versions. It supports multiple package ecosystems including npm, pip, Maven, Docker, and now uv as of March 13, 2025, allowing teams to maintain security compliance and dependency freshness with minimal manual intervention.