Thanks for the advice! Security is definitely a big angle here - not only do dependency updates often include patches for known vulnerabilities, they're also the least likely to be affected by future vulnerabilities.

We wrote a blog post about it here: https://dependabot.com/blog/the-latest-dependency-version-is...