diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..e87acce
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,10 @@
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/portfolio/src"
+    open-pull-requests-limit: 6
+    schedule:
+      interval: 'weekly'
+      day: 'wednesday'
+      time: '09:00'
+      timezone: 'Europe/Berlin'
diff --git a/portfolio/src/package-lock.json b/portfolio/src/package-lock.json
index ccdb890..ae462ed 100644
--- a/portfolio/src/package-lock.json
+++ b/portfolio/src/package-lock.json
@@ -19,7 +19,7 @@
         "express-fileupload": "^1.5.0",
         "express-validator": "^7.0.1",
         "jsonwebtoken": "^9.0.2",
-        "pg": "^8.11.5",
+        "pg": "^8.12.0",
         "serve-favicon": "^2.5.0"
       }
     },
@@ -978,9 +978,9 @@
       "integrity": "sha512-5DFkuoqlv1uYQKxy8omFBeJPQcdoE07Kv2sferDCrAq1ohOU+MSDswDIbnx3YAM60qIOnYa53wBhXW0EbMonrQ=="
     },
     "node_modules/pg": {
-      "version": "8.11.5",
-      "resolved": "https://registry.npmjs.org/pg/-/pg-8.11.5.tgz",
-      "integrity": "sha512-jqgNHSKL5cbDjFlHyYsCXmQDrfIX/3RsNwYqpd4N0Kt8niLuNoRNH+aazv6cOd43gPh9Y4DjQCtb+X0MH0Hvnw==",
+      "version": "8.12.0",
+      "resolved": "https://registry.npmjs.org/pg/-/pg-8.12.0.tgz",
+      "integrity": "sha512-A+LHUSnwnxrnL/tZ+OLfqR1SxLN3c/pgDztZ47Rpbsd4jUytsTtwQo/TLPRzPJMp/1pbhYVhH9cuSZLAajNfjQ==",
       "dependencies": {
         "pg-connection-string": "^2.6.4",
         "pg-pool": "^3.6.2",
diff --git a/portfolio/src/package.json b/portfolio/src/package.json
index 3ad0dc9..6934281 100644
--- a/portfolio/src/package.json
+++ b/portfolio/src/package.json
@@ -10,7 +10,7 @@
     "express-fileupload": "^1.5.0",
     "express-validator": "^7.0.1",
     "jsonwebtoken": "^9.0.2",
-    "pg": "^8.11.5",
+    "pg": "^8.12.0",
     "serve-favicon": "^2.5.0"
   },
   "scripts": {