Getting Started

Run Dependabot on Azure DevOps repositories with the extension, CLI, or hosted service.

Paklo brings automated dependency updates to Azure DevOps repositories using Dependabot. Choose the deployment method that best fits your needs:

Deployment Options

Azure DevOps Extension

Run Dependabot in your Azure Pipelines with full control over scheduling and configuration.

Best for: Teams who want to manage updates in their existing pipeline infrastructure.

Learn more →

CLI

Run Dependabot locally or in any CI/CD environment with Docker support.

Best for: Local testing, custom automation, or non-Azure DevOps CI/CD systems.

Learn more →

Hosted Service

Fully managed Dependabot updates without infrastructure management.

Best for: Teams who want automatic updates without pipeline configuration or maintenance.

Learn more →

Quick Start: Azure DevOps Extension

Install the Dependabot extension from the Visual Studio Marketplace.

Create a dependabot.yml file at .github/dependabot.yml or .azuredevops/dependabot.yml:

version: 2
updates:
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"

Create a pipeline with the dependabot@2 task:

trigger: none # Disable CI trigger

schedules:
  - cron: '0 0 * * 0' # Weekly on Sunday at midnight UTC
    always: true
    branches:
      include:
        - main
    batch: true
    displayName: Weekly Dependabot

pool:
  vmImage: 'ubuntu-latest' # Requires macOS or Ubuntu (Windows not supported)

steps:
  - task: dependabot@2
    inputs:
      mergeStrategy: 'squash'

The task accepts many inputs such as dryRun, setAutoComplete, and mergeStrategy. See Azure DevOps Extension for the full list.

Configuration

All deployment methods use the same dependabot.yml configuration format. See Configuration for complete documentation.

Next Steps

Configuration - Complete dependabot.yml reference
Private Registries - Configure private package feeds
Security Advisories - Security-only updates
Troubleshooting - Common issues and solutions

How is this guide?

Last updated on

Paklo brings automated dependency updates to Azure DevOps repositories using Dependabot. Choose the deployment method that best fits your needs:

Deployment Options

Azure DevOps Extension

Run Dependabot in your Azure Pipelines with full control over scheduling and configuration.

Best for: Teams who want to manage updates in their existing pipeline infrastructure.

Learn more →

CLI

Run Dependabot locally or in any CI/CD environment with Docker support.

Best for: Local testing, custom automation, or non-Azure DevOps CI/CD systems.

Learn more →

Hosted Service

Fully managed Dependabot updates without infrastructure management.

Best for: Teams who want automatic updates without pipeline configuration or maintenance.

Learn more →

Quick Start: Azure DevOps Extension

Install the Dependabot extension from the Visual Studio Marketplace.

Create a dependabot.yml file at .github/dependabot.yml or .azuredevops/dependabot.yml:

version: 2
updates:
  - package-ecosystem: "npm"
    directory: "/"
    schedule:
      interval: "weekly"

Create a pipeline with the dependabot@2 task:

trigger: none # Disable CI trigger

schedules:
  - cron: '0 0 * * 0' # Weekly on Sunday at midnight UTC
    always: true
    branches:
      include:
        - main
    batch: true
    displayName: Weekly Dependabot

pool:
  vmImage: 'ubuntu-latest' # Requires macOS or Ubuntu (Windows not supported)

steps:
  - task: dependabot@2
    inputs:
      mergeStrategy: 'squash'

The task accepts many inputs such as dryRun, setAutoComplete, and mergeStrategy. See Azure DevOps Extension for the full list.

Configuration

All deployment methods use the same dependabot.yml configuration format. See Configuration for complete documentation.

Next Steps

Configuration - Complete dependabot.yml reference
Private Registries - Configure private package feeds
Security Advisories - Security-only updates
Troubleshooting - Common issues and solutions

How is this guide?

Last updated on

Deployment Options

Azure DevOps Extension

CLI

Hosted Service

Quick Start: Azure DevOps Extension

Configuration

Next Steps

On this page

Getting Started

Deployment Options

Azure DevOps Extension

CLI

Hosted Service

Quick Start: Azure DevOps Extension

Configuration

Next Steps

On this page