diff --git a/.docker/requirements.txt b/.docker/requirements.txt
new file mode 100644
index 000000000..f4aa52ee1
--- /dev/null
+++ b/.docker/requirements.txt
@@ -0,0 +1,10 @@
+# This file is just used to get security alerts from GitHub. Make sure the versions match
+# in worker.dockerfile.
+numpy==1.22.*
+opencv-contrib-python-headless==4.6.0
+scipy==1.10.0
+scikit-learn
+matplotlib==3.5.2
+PyExcelerate==0.6.7
+Pillow==10.2.0
+Shapely==1.8.1
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 000000000..f22aaf472
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,18 @@
+version: 2
+updates:
+    - package-ecosystem: pip
+      directory: "/.docker"
+      schedule:
+          interval: "weekly"
+    - package-ecosystem: composer
+      directory: "/"
+      schedule:
+          interval: "weekly"
+    - package-ecosystem: npm
+      directory: "/"
+      schedule:
+          interval: "weekly"
+    - package-ecosystem: github-actions
+      directory: "/"
+      schedule:
+          interval: "weekly"