[{"data":1,"prerenderedAt":74},["ShallowReactive",2],{"term-d\u002Fdependabot-fatigue":3,"related-d\u002Fdependabot-fatigue":59},{"id":4,"title":5,"acronym":6,"body":7,"category":40,"description":41,"difficulty":42,"extension":43,"letter":44,"meta":45,"navigation":46,"path":47,"related":48,"seo":53,"sitemap":54,"stem":57,"subcategory":6,"__hash__":58},"terms\u002Fterms\u002Fd\u002Fdependabot-fatigue.md","Dependabot Fatigue",null,{"type":8,"value":9,"toc":33},"minimark",[10,15,19,23,26,30],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"Dependabot fatigue is opening your PR list and seeing 47 dependency-update PRs from a bot that never sleeps. You start reflexively merging without reading. Eventually, Dependabot bumps something that breaks production and you realize you should have paid attention.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"Dependabot fatigue is the desensitization that occurs when automated dependency-update PRs overwhelm a team's review bandwidth. Teams often respond with auto-merge for patch updates, grouped updates, and scheduled update windows. Without guardrails, Dependabot fatigue leads to both missed security fixes and accidentally merged breaking changes.",[11,27,29],{"id":28},"when-youll-hear-this","When You'll Hear This",[16,31,32],{},"\"Enable grouped updates — we're drowning in Dependabot fatigue.\" \u002F \"That vuln sat in the queue for 3 weeks because of Dependabot fatigue.\"",{"title":34,"searchDepth":35,"depth":35,"links":36},"",2,[37,38,39],{"id":13,"depth":35,"text":14},{"id":21,"depth":35,"text":22},{"id":28,"depth":35,"text":29},"vibecoding","Dependabot fatigue is opening your PR list and seeing 47 dependency-update PRs from a bot that never sleeps. You start reflexively merging without reading.","beginner","md","d",{},true,"\u002Fterms\u002Fd\u002Fdependabot-fatigue",[49,50,51,52],"Dependabot","Renovate","Bot PR","PR Fatigue",{"title":5,"description":41},{"changefreq":55,"priority":56},"weekly",0.7,"terms\u002Fd\u002Fdependabot-fatigue","jtPv1qWL4jy4GoafFmWHmAFBjKsEr-U6P9FFVHJfstg",[60,63,67,70],{"title":51,"path":61,"acronym":6,"category":40,"difficulty":42,"description":62},"\u002Fterms\u002Fb\u002Fbot-pr","A bot PR is a pull request opened by an automated system — Dependabot, Renovate, an AI agent — instead of a human. Some are essential (security patches).",{"title":49,"path":64,"acronym":6,"category":65,"difficulty":42,"description":66},"\u002Fterms\u002Fd\u002Fdependabot","cicd","Dependabot is GitHub's robot that checks your dependencies for updates and security vulnerabilities, then opens PRs to fix them.",{"title":52,"path":68,"acronym":6,"category":40,"difficulty":42,"description":69},"\u002Fterms\u002Fp\u002Fpr-fatigue","PR fatigue is when your review queue has 40 open PRs and you've stopped actually reading them. You just scroll, click approve, and move on.",{"title":50,"path":71,"acronym":6,"category":65,"difficulty":72,"description":73},"\u002Fterms\u002Fr\u002Frenovate","intermediate","Renovate is Dependabot's more powerful cousin.",1776518273547]