diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000..bc91ec15f7
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,47 @@
+# Enable Dependabot NPM updates for all dependencies on a weekly basis
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+    # Allow up to 10 open PRs for dependencies
+    open-pull-requests-limit: 10
+# Group together Angular package upgrades
+groups:
+  # Group together all minor/patch version updates for Angular in a single PR
+  angular:
+    applies-to: version-updates
+    patterns:
+    - "@angular*"
+    update-types:
+    - "minor"
+    - "patch"
+  # Group together all security updates for Angular. Only accept minor/patch types.
+  angular-security:
+    applies-to: security-updates
+    patterns:
+    - "@angular*"
+    update-types:
+    - "minor"
+    - "patch"
+  # Group together all minor/patch version updates for NgRx in a single PR
+  ngrx:
+    applies-to: version-updates
+    patterns:
+    - "@ngrx*"
+    update-types:
+    - "minor"
+    - "patch"
+  # Group together all security updates for NgRx. Only accept minor/patch types.
+  ngrx-security:
+    applies-to: security-updates
+    patterns:
+    - "@ngrx*"
+    update-types:
+    - "minor"
+    - "patch"
+ignore:
+  # Ignore all major version updates for all dependencies. We'll only automate minor/patch updates.
+  - dependency-name: "*"
+    update-types: ["version-update:semver-major"]