diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 568a8550..28fea087 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -13,11 +13,14 @@ updates:
     schedule:
       interval: "daily"
     open-pull-requests-limit: 10
-    applies-to: security-updates
-    groups:
-      security-updates:
-        patterns:
-          - "*" 
+    allow:
+      - dependency-type: "direct"
+    ignore:
+      - dependency-name: "*"
+        update-types:
+          - "version-update:semver-major"
+          - "version-update:semver-minor"
+    security-updates-only: true
 
   # Frontend dependencies (security updates grouped)
   # - package-ecosystem: npm