Keep dependencies up to date, to make sure you can quickly apply a patch when it really matters. Dependabot version updates keep your packages up-to-date, even if they don’t have known vulnerabilities.
https://github.blog/2020-07-23-secure-at-every-step-show-your-dependencies-some-love-with-updates/

https://twitter.com/github/status/1286367998689902592