diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 6c33f218..a741aa82 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -11,16 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        include:
-          - node-version: 14
-            node-lts: true
-          - node-version: 16
-            node-lts: true
-          - node-version: 18
-            node-lts: true
-          - node-version: 19
-            node-lts: false
-    continue-on-error: ${{ ! matrix.node-lts }}
+        node-version: [14, 16, 18]
     steps:
       - uses: actions/checkout@v3
       - uses: actions/setup-node@v3
diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml
new file mode 100644
index 00000000..116722ad
--- /dev/null
+++ b/.github/workflows/dependabot-automerge.yml
@@ -0,0 +1,13 @@
+name: dependabot-automerge
+
+on:
+  pull_request:
+
+jobs:
+  dependabot-automerge:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - run: gh pr merge --auto "${{ github.event.pull_request.html_url }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/README.md b/README.md
index 54f27e59..da1c64a9 100644
--- a/README.md
+++ b/README.md
@@ -212,7 +212,7 @@ for NPM packages.
 If you have the `github-actions` plugin installed, it will add an updater for
 GitHub Actions workflows.
 
-[dependabot]:
+[Dependabot]:
   https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuring-dependabot-version-updates
 
 ## `devcontainer` _repo_
@@ -222,8 +222,11 @@ configuration using the
 [`typescript-node`](https://hub.docker.com/_/microsoft-vscode-devcontainers)
 image.
 
-If you have the `prettier` plugin installed, it will add the
-[Prettier VS Code extension](https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode).
+If you have the `prettier` plugin installed, it will add the [Prettier VS Code
+extension].
+
+[Prettier VS Code extension]:
+  https://marketplace.visualstudio.com/items?itemName=esbenp.prettier-vscode
 
 ## `doctoc` _repo_
 
@@ -256,6 +259,21 @@ repository:
 - `GH_TOKEN`: a GitHub token with read/write access to your repository
 - `NPM_TOKEN`: an NPM token with publish access to your packages
 
+If you have the `dependabot` plugin installed, this will also setup a
+`dependabot-automerge` workflow which enables auto-merge on dependabot PRs. You
+need to enable _Allow auto-merge_ in the GitHub repository settings and apply
+_Branch protection ruler_ for the main branch.
+
+> **Note**: If you enabled _Require approvals_ in the branch protection rules,
+> this won't automatically approve the PR. You will need to add an additional
+> step to the workflow manually, like:
+>
+> ```diff
+>  steps:
+> +  - uses: hmarr/auto-approve-action@v3
+>    - run: gh pr merge --auto "${{ github.event.pull_request.html_url }}"
+> ```
+
 > 🤓 _Default_: The workflows will use the `main` branch by default, but it is
 > trivial to change this.
 
@@ -375,9 +393,10 @@ Scaffolds a simple [express](https://expressjs.com) HTTP app with the
 
 > 🧪 _Experimental_
 
-Scaffolds a
-[custom GitHub Action](https://docs.github.com/en/actions/creating-actions/about-custom-actions)
-template.
+Scaffolds a [custom GitHub Action] template.
+
+[custom GitHub Action]:
+  https://docs.github.com/en/actions/creating-actions/about-custom-actions
 
 ## `lib` _repo or workspace_
 
diff --git a/packages/plugins/src/githubActions/githubActions.ts b/packages/plugins/src/githubActions/githubActions.ts
index e4333a23..8151e72c 100644
--- a/packages/plugins/src/githubActions/githubActions.ts
+++ b/packages/plugins/src/githubActions/githubActions.ts
@@ -52,6 +52,14 @@ async function load({ directory }: PluginArgs) {
       to: join(workflowDirectory, "format-check.yml"),
     });
   }
+
+  if (await hasPlugin({ directory, name: "dependabot" })) {
+    await copyFile({
+      from: new URL("../../static/dependabot-automerge.yml", import.meta.url)
+        .pathname,
+      to: join(workflowDirectory, "dependabot-automerge.yml"),
+    });
+  }
 }
 
 export const githubActions = {
diff --git a/packages/plugins/static/dependabot-automerge.yml b/packages/plugins/static/dependabot-automerge.yml
new file mode 100644
index 00000000..116722ad
--- /dev/null
+++ b/packages/plugins/static/dependabot-automerge.yml
@@ -0,0 +1,13 @@
+name: dependabot-automerge
+
+on:
+  pull_request:
+
+jobs:
+  dependabot-automerge:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - run: gh pr merge --auto "${{ github.event.pull_request.html_url }}"
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}