diff --git a/.policy.yml b/.policy.yml
index afcb7c576..9bf6d5391 100644
--- a/.policy.yml
+++ b/.policy.yml
@@ -8,8 +8,8 @@ policy:
       - changelog only and contributor approval
       - fixing excavator
       - excavator only touched baseline, circle, gradle files, godel files, docker-compose-rule config or versions.props
-      - excavator only touched package.json and lock files
       - excavator only touched config files
+      - bots updated package.json and lock files
   disapproval:
     requires:
       organizations: [ "palantir" ]
@@ -89,12 +89,14 @@ approval_rules:
           - "^\\..*.yml$"
           - "^\\.github/.*$"
 
-  - name: excavator only touched package.json and lock files
+  - name: bots updated package.json and lock files
     requires:
       count: 0
     if:
       has_author_in:
-        users: [ "svc-excavator-bot" ]
+        users:
+        - "svc-excavator-bot"
+        - "dependabot[bot]"
       only_changed_files:
         paths:
           - "^.*yarn.lock$"