diff --git a/CHANGELOG.md b/CHANGELOG.md index c847575..e150cc3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ - Require a CLA Assistant GitHub workflow. (#269) - Update the CLA notice in `CONTRIBUTING.md` template. (#269) +- Add Renovate as an acceptable alternative to Dependabot. (#271) ## [1.6.0] - 2023-09-14 diff --git a/specification/repository.md b/specification/repository.md index 5c4d365..ded293c 100644 --- a/specification/repository.md +++ b/specification/repository.md @@ -54,11 +54,25 @@ approval is granted, GDI repositories MUST NOT cut a GA release. - MUST lock the versions of all build dependencies (e.g. libraries, binaries, scripts, docker images) or vendor them; **EXCEPTION:** tools that are available out-of-the-box on the CI runner +- To help keep dependencies up to date, the repo MUST be configured with +[Dependabot](https://github.com/dependabot/dependabot-core) or [Renovate](https://github.com/apps/renovate). + +#### Dependabot + - MUST enable [Dependabot alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) - MUST grant access to alerts for the approvers and maintainers teams - MUST enable [Dependabot security updates](https://docs.github.com/en/code-security/dependabot/dependabot-security-updates/about-dependabot-security-updates) - MUST configure [Dependabot version updates](https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/about-dependabot-version-updates) +#### Renovate + +Follow the steps below if you want to use Renovate to update the dependencies. + +- MUST add the repo to the [list of Renovatebot repos](https://github.com/organizations/signalfx/settings/installations/41531652). +- MUST add a +[Renovate config file](https://docs.renovatebot.com/configuration-options/) +to the repo. + ### GitHub Actions - MUST use [GitHub
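Review bot: In the `specification/repository.md` hunk, the existing bullets that now sit under `#### Dependabot` are still unconditional ("MUST enable Dependabot alerts", "MUST enable Dependabot security updates", "MUST configure Dependabot version updates"), so a repo that chooses Renovate under the new "Dependabot or Renovate" bullet still reads as obliged to meet all of them. Suggest stating under each heading which requirements apply to which choice, and saying explicitly whether Dependabot alerts, alert access for the approvers and maintainers teams, and security updates remain mandatory for Renovate repos, since the Renovate section as written covers only dependency updates and says nothing about vulnerability alerting. The Renovate section opens with "Follow the steps below if you want to use Renovate" while the Dependabot section has no matching sentence; use the same conditional wording in both. The "list of Renovatebot repos" link targets an organization settings page (`/organizations/signalfx/settings/installations/41531652`), which contributors without organization admin rights will likely be unable to open, so name who performs that step or how to request it. "MUST add a Renovate config file" links only to the general configuration options, so any file, including an empty one, would satisfy it; consider naming the minimum settings or a shared preset the config has to extend.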