diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..1d08a57
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,80 @@
+version: 2
+updates:
+
+ #######################################
+ # GitHub Actions (Security Best Practice)
+ #######################################
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "deps"
+ include: "scope"
+
+ #######################################
+ # Python (pip) — e.g., requirements.txt
+ #######################################
+ - package-ecosystem: "pip"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "pip"
+ include: "scope"
+
+ #######################################
+ # Docker Dependencies — updates FROM images
+ #######################################
+ - package-ecosystem: "docker"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "docker"
+ include: "scope"
+
+ #######################################
+ # Maven (pom.xml)
+ #######################################
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "maven"
+ include: "scope"
+
+ #######################################
+ # Gradle (build.gradle, gradle.properties)
+ #######################################
+ - package-ecosystem: "gradle"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "gradle"
+ include: "scope"
+
+ #######################################
+ # JavaScript (npm / package.json)
+ #######################################
+ - package-ecosystem: "npm"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ labels:
+ - "dependabot"
+ commit-message:
+ prefix: "npm"
+ include: "scope"
\ No newline at end of file
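Review bot: All six `updates` entries use `interval: "daily"` with no `ignore` rule or `open-pull-requests-limit`, and the same commit touches a workflow named "Dependabot auto-merge" that approves pull requests, so a release published today can be proposed and approved within a day without anyone reading it. If automatic approval is meant to stay, each entry should at least keep major bumps out of that path, for example `ignore: [{dependency-name: "*", update-types: ["version-update:semver-major"]}]`, and a weekly interval for the non-security ecosystems would give a bad release time to be noticed and yanked upstream. The pip, docker, maven, gradle and npm entries all point at `directory: "/"`; whether those manifests exist at the repository root is not visible in this diff, and entries for ecosystems the repository does not use are better dropped than left as a template. The file also ends without a trailing newline.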
diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index 2d641b0..dc65f78 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -1,5 +1,7 @@ name: Dependabot auto-merge -on: pull_request + +on: + pull_request: permissions: contents: write @@ -16,7 +18,7 @@ jobs: with: github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Approve Dependabot PR + - name: Approve PR run: gh pr review --approve "$PR_URL" env: PR_URL: ${{ github.event.pull_request.html_url }}
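Review bot: Renaming the step from "Approve Dependabot PR" to "Approve PR" removes the only hint in this hunk that `gh pr review --approve "$PR_URL"` is meant to run for Dependabot pull requests alone, while the trigger in the first hunk is still a bare `pull_request:` with `contents: write`. The job header is outside the hunk, so a guard may already exist; if it does not, the job needs one such as `if: github.event.pull_request.user.login == 'dependabot[bot]'`, otherwise every same-repository pull request gets an automatic approval. I would keep the old step name or add a comment above the step, `# Runs only for PRs opened by dependabot[bot]; see the job-level if:`, so the restriction stays visible next to the approval. Passing the URL through `env: PR_URL` rather than interpolating it into `run:` is the right pattern and should stay.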