cc @vapurrmaid

The majority of our pull requests are from dependabot making it annoying to sift through Pull Requests. Also, unless dependabot is submitting a security fix, an upgrade may just break the code (see Minimum Version Selection).