diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index e48af1a12..aac58a668 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -49,6 +49,9 @@ updates:
         versions: ['3.6.1', '3.6.2']
       - dependency-name: 'com.sap.cloud.security:env'
         versions: ['3.6.1', '3.6.2']
+      # needs Java 21
+      - dependency-name: 'com.puppycrawl.tools:checkstyle'
+        versions: [ ">=13.0.0" ]
 
   # archetype updates
   # Dependabot seems to be unable to handle those, so this is disabled for now