Dependabot reviewers configuration option being replaced by code owners

To improve reliability and reduce review assignment conflicts, we’re removing the Dependabot reviewers configuration option on Tuesday, May 20, 2025.

We’re retiring this dependabot.yml configuration option because the functionality overlaps with GitHub code owners. This has caused issues in the past, and it’s duplicated effort to maintain the same functionality.

Moving forward, we recommend relying solely on code owners for assigning pull request reviewers. You can use a CODEOWNERS file to define individuals or teams responsible for code in a repository. GitHub natively supports code owners, ensuring more consistent and streamlined behavior. This change simplifies your configuration by having all your review requests come from one configuration file.

To get started using code owners today, check out these steps to set up a CODEOWNERS file.

JUN.9Release
Dependabot version updates now support the Deno ecosystem
- Supply Chain Security
JUN.9Retired
Upcoming breaking changes for npm v12
- Supply Chain Security
MAY.26Release
Dependabot version updates now support the sbt ecosystem
- Supply Chain Security
MAY.22Release
Staged publishing and new install-time controls for npm
- Supply Chain Security
MAY.19Retired
Upcoming deprecation of Python 3.9 for Dependabot
- Supply Chain Security
MAY.12Retired
Synchronous SBOM API deprecated
- Supply Chain Security
MAY.11Improvement
Cross-org Dependabot access for internal repositories
- Supply Chain Security
MAY.6Release
Search and filter bar for repository security advisories
- Supply Chain Security
MAY.5Release
Dependency scanning with GitHub MCP Server is in public preview
- Supply Chain Security

Dependabot reviewers configuration option being replaced by code owners

Related Posts

Subscribe to our developer newsletter