[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"news:sw-github-dependabot-deno-support-2026-06-10":3},{"meta":4,"markdown":60},{"type":5,"articleId":6,"slug":7,"title":8,"titleEn":9,"category":10,"summary":11,"publishedAt":12,"image":13,"vocabulary":14,"source":58},"news","news-sw-github-dependabot-deno-support-2026-06-10","sw-github-dependabot-deno-support-2026-06-10","GitHub、DependabotのDeno対応を公開","GitHub Adds Deno Support to Dependabot Version Updates","tech-software","GitHub said on June 9, 2026 that Dependabot version updates now support the Deno ecosystem. The new support lets repositories add `package-ecosystem: \"deno\"` to `dependabot.yml` so scheduled runs can open update pull requests. GitHub's docs also say the support starts with Deno v2, covers `deno.json` and `deno.jsonc`, and can update dependencies that come from JSR or npm.\n","2026-06-10T00:00:00Z","https:\u002F\u002Fimages.yamiyomi.com\u002Fnews\u002Fsw-github-dependabot-deno-support-2026-06-10.png",[15,20,25,29,33,38,42,46,50,54],{"word":16,"reading":17,"meaning":18,"level":19},"対応","たいおう","support","N3",{"word":21,"reading":22,"meaning":23,"level":24},"依存関係","いぞんかんけい","dependency relationship","N1",{"word":26,"reading":27,"meaning":28,"level":19},"更新","こうしん","update",{"word":30,"reading":31,"meaning":32,"level":19},"設定","せってい","configuration",{"word":34,"reading":35,"meaning":36,"level":37},"構成","こうせい","structure or configuration","N2",{"word":39,"reading":40,"meaning":41,"level":19},"実行","じっこう","execution",{"word":43,"reading":44,"meaning":45,"level":37},"監視","かんし","monitoring",{"word":47,"reading":48,"meaning":49,"level":24},"版本管理","はんぽんかんり","version control",{"word":51,"reading":52,"meaning":53,"level":19},"公開","こうかい","release or publish",{"word":55,"reading":56,"meaning":57,"level":24},"供給網","きょうきゅうもう","supply chain",{"url":59},"https:\u002F\u002Fgithub.blog\u002Fchangelog\u002F2026-06-09-dependabot-version-updates-now-support-the-deno-ecosystem\u002F","\n::heading\nGitHub、DependabotのDeno[対応]{たいおう:support:N1}を[公開]{こうかい:release:N4}\n\n#en\nGitHub Adds Deno Support to Dependabot Version Updates\n::\n\n::para\nGitHubは[6月9日]{ろくがつここのか:June 9:N5}、Dependabotの[版本更新]{はんぽんこうしん:version updates:N2}がDenoエコシステムに[対応]{たいおう:support:N1}したと[発表]{はっぴょう:announce:N3}した。GitHubのチェンジログでは、[今回]{こんかい:this time:N3}の[対応]{たいおう:support:N1}は[脆弱性]{ぜいじゃくせい:vulnerability:N1} [修正]{しゅうせい:fix:N1}ではなく、[通常]{つうじょう:regular:N3}の[依存関係]{いぞんかんけい:dependencies:N2} [更新]{こうしん:update:N3}だけに[向けた]{むけた:aimed at:N3}ものだと[説明]{せつめい:explained:N3}された。\n\n#en\nGitHub announced on June 9 that Dependabot version updates now support the Deno ecosystem. The changelog says this release is for regular dependency updates, not Dependabot security updates.\n::\n\n::para\n[開発者]{かいはつしゃ:developers:N4}は`.github\u002Fdependabot.yml`にDenoの[項目]{こうもく:entry:N1}を[追加]{ついか:add:N3}すれば、[次回]{じかい:next:N3}の[予定]{よてい:scheduled:N3} [実行]{じっこう:run:N3}でDependabotが[更新]{こうしん:update:N3}のプルリクエストを[作る]{つくる:create:N4}。GitHubは、[導入]{どうにゅう:adoption:N2}の[手順]{てじゅん:steps:N2}をかなり[短く]{みじかく:briefly:N2} [示した]{しめした:showed:N3}。\n\n#en\nDevelopers can add a Deno entry to `.github\u002Fdependabot.yml`, and Dependabot will open update pull requests on the next scheduled run. GitHub presented the onboarding flow as a very small configuration change.\n::\n\n::heading\n[設定]{せってい:configuration:N2}で[何]{なに:what:N5}が[変わる]{かわる:changes:N3}\n\n#en\nWhat Changes in the Configuration\n::\n\n::para\nGitHub Docsの[対応表]{たいおうひょう:support table:N1}では、Denoの`package-ecosystem` [値]{あたい:value:N3}は`deno`で、[対象]{たいしょう:target:N2}の[版]{はん:version:N2}はDeno v2[以上]{いじょう:and above:N4}と[書かれている]{かかれている:is written:N5}。つまり、Deno 2[系]{けい:series:N1}を[使う]{つかう:use:N4} [保守中]{ほしゅちゅう:under maintenance:N1}の[実務]{じつむ:production:N3}リポジトリが[直接]{ちょくせつ:directly:N2} [恩恵]{おんけい:benefit:N1}を[受ける]{うける:receive:N3} [形]{かたち:form:N3}だ。\n\n#en\nGitHub's support table says the `package-ecosystem` value is `deno` and that the supported version is Deno v2 and above. In practice, that means maintained repositories already using the Deno 2 line can benefit immediately.\n::\n\n::para\n[同じ]{おなじ:same:N4}Docsは、Dependabotが`deno.json`と`deno.jsonc`の[依存関係]{いぞんかんけい:dependencies:N2}を[更新]{こうしん:update:N3}できると[説明]{せつめい:explain:N3}する。DenoのプロジェクトはJSRとnpmの[両方]{りょうほう:both:N3}から[依存関係]{いぞんかんけい:dependencies:N2}を[取れる]{とれる:can pull:N3}ため、この[対応]{たいおう:support:N1}は[設定]{せってい:configuration:N2}ファイル1[枚]{まい:file:N2}で[複数]{ふくすう:multiple:N2}の[供給元]{きょうきゅうもと:sources:N3}を[監視]{かんし:monitor:N1}できる[意味]{いみ:meaning:N4}を[持つ]{もつ:has:N4}。\n\n#en\nThe same docs say Dependabot can update dependencies in `deno.json` and `deno.jsonc`. Because Deno projects can pull dependencies from both JSR and npm, one configuration can now monitor multiple dependency sources.\n::\n\n::para\n[一方]{いっぽう:meanwhile:N4}で、GitHubはDeno[対応]{たいおう:support:N1}に[私設]{しせつ:private:N2}レジストリとベンダリングの[対応]{たいおう:support:N1}は[含まない]{ふくまない:does not include:N2}と[明記]{めいき:state explicitly:N3}した。Denoを[社内]{しゃない:internal:N3}ミラーや[閉域]{へいいき:closed-network:N2}の[構成]{こうせい:setup:N3}で[運用]{うんよう:operate:N4}している[組織]{そしき:organizations:N1}には、まだ[追加]{ついか:additional:N3}の[検討]{けんとう:review:N1}が[要る]{いる:is needed:N3}と[見られる]{みられる:is seen:N5}。\n\n#en\nAt the same time, GitHub explicitly says Deno support does not include private registries or vendoring. Organizations running Deno through internal mirrors or closed-network setups will likely still need extra review.\n::\n\n::heading\n[開発現場]{かいはつげんば:development teams:N3}への[影響]{えいきょう:impact:N1}\n\n#en\nImpact on Development Teams\n::\n\n::para\nDenoの[依存関係]{いぞんかんけい:dependencies:N2}は、JSRの[新しい]{あたらしい:new:N4} [公開版]{こうかいばん:published version:N2}やnpmパッケージの[改訂]{かいてい:revision:N1}が[出る]{でる:appear:N5}たびに[追う]{おう:track:N3} [必要]{ひつよう:need:N3}がある。Dependabotがここを[自動化]{じどうか:automation:N3}すると、[手作業]{てさぎょう:manual work:N4}での[確認]{かくにん:checking:N3}よりも[早く]{はやく:faster:N4} [差分]{さぶん:diff:N3}を[出せる]{だせる:can produce:N5}ため、[保守]{ほしゅ:maintenance:N1}の[負担]{ふたん:burden:N2}は[下がる]{さがる:falls:N5}。\n\n#en\nDeno dependencies still need tracking whenever JSR publishes a new version or an npm package is revised. If Dependabot automates that, teams can surface upgrade diffs faster than with manual checking and reduce maintenance overhead.\n::\n\n::para\n[特に]{とくに:especially:N4}`deno.json`を[中心]{ちゅうしん:center:N4}に[構成]{こうせい:configure:N3}する[小さな]{ちいさな:small:N5}サービスでは、[依存関係]{いぞんかんけい:dependencies:N2} [監視]{かんし:monitoring:N1}の[仕組み]{しくみ:mechanism:N3}が[弱い]{よわい:weak:N2}ことも[多い]{おおい:common:N4}。GitHubの[標準機能]{ひょうじゅんきのう:built-in feature:N1}で[更新]{こうしん:update:N3} PRが[来る]{くる:arrive:N5}なら、Denoの[採用]{さいよう:adoption:N2} [障壁]{しょうへき:barrier:N1}を1つ[下げる]{さげる:lower:N5} [材料]{ざいりょう:factor:N2}になりそうだ。\n\n#en\nThis matters especially for smaller services centered on `deno.json`, where dependency monitoring can be thin. If update PRs arrive through a built-in GitHub feature, that may remove one friction point for adopting Deno.\n::\n\n::para\n[今回]{こんかい:this time:N3}の[発表]{はっぴょう:announcement:N3}は[大きな]{おおきな:large:N5} [新機能]{しんきのう:new feature:N3}というより、Denoが[既存]{きそん:existing:N1}の[開発基盤]{かいはつきばん:development platform:N1}に[入る]{はいる:fit into:N5} [前提]{ぜんてい:assumption:N1}を[強める]{つよめる:strengthen:N4} [更新]{こうしん:update:N3}と[読める]{よめる:can be read:N5}。Dependabotの[対象]{たいしょう:coverage:N2}に[入る]{はいる:enter:N5}ことで、Denoはほかの[主要]{しゅよう:major:N3}エコシステムに[近い]{ちかい:closer:N4} [運用体験]{うんようたいけん:operational experience:N4}を[得た]{えた:gained:N3}。\n\n#en\nThis announcement is less a flashy feature launch and more a sign that Deno is being treated as part of the normal developer-platform baseline. By entering Dependabot's coverage, Deno gains an operational experience closer to larger ecosystems.\n::\n\n::heading\n[供給網]{きょうきゅうもう:supply chain:N1}の[視点]{してん:viewpoint:N1}\n\n#en\nThe Supply-Chain Angle\n::\n\n::callout\nDependabotの[更新]{こうしん:update:N3}は[脆弱性]{ぜいじゃくせい:vulnerability:N1} [対応]{たいおう:response:N1}そのものではないが、[古い]{ふるい:old:N4} [依存関係]{いぞんかんけい:dependencies:N2}を[長く]{ながく:for long:N5} [放置]{ほうち:leave unattended:N3}しないための[基本線]{きほんせん:baseline:N1}にはなる。[供給網]{きょうきゅうもう:supply chain:N1}の[管理]{かんり:management:N2}では、この[地味]{じみ:plain:N4}な[自動化]{じどうか:automation:N3}が[効く]{きく:pays off:N2}ことが[多い]{おおい:often:N4}。\n\n#en\nDependabot version updates are not the same as vulnerability remediation, but they do form a baseline for avoiding long-neglected dependencies. In supply-chain management, that kind of plain automation often matters.\n::\n\n::para\nGitHubがDenoを[版本更新]{はんぽんこうしん:version updates:N2}の[一覧]{いちらん:coverage list:N1}に[加えた]{くわえた:added:N3}ことで、Denoを[使う]{つかう:use:N4} [組織]{そしき:organizations:N1}は[他]{ほか:other:N3}の[言語]{げんご:languages:N4}と[同じ]{おなじ:same:N4} [流れ]{ながれ:workflow:N3}で[更新]{こうしん:update:N3}を[回しやすく]{まわしやすく:easier to operate:N3}なる。Denoそのものの[成長]{せいちょう:growth:N3}だけでなく、[周辺]{しゅうへん:surrounding:N2}ツールが[追いつく]{おいつく:catch up:N3} [段階]{だんかい:stage:N2}に[入った]{はいった:entered:N5}と[見る]{みる:view:N5}こともできる。\n\n#en\nBy adding Deno to the version-update coverage list, GitHub lets Deno-using organizations handle updates through a workflow that looks more like their other languages. The move suggests not only Deno growth, but also that the surrounding tooling is catching up.\n::\n"]