[jalada]

We (Pixie Labs) have been using Dependabot for a month or two now. Here four reasons why, as a small team with a bunch of codebases to look after, we <3 them:

1. Their pre-sales support was great and they went out of their way to accommodate our requirements. 2. You can get ongoing support from them by @ing the bot in a PR (and they reply inline!). 3. It drip-feeds you updates (5 a day), so a really old project is still manageable. 4. The PR message contains links to release notes, changelog, and actual commits, for the library in question. This is such a time save (and reveals how many OSS projects don't have decent changelogs).