diff --git a/.DS_Store b/.DS_Store
deleted file mode 100644
index 5008ddf..0000000
Binary files a/.DS_Store and /dev/null differ
diff --git a/.gitignore b/.gitignore
index b3db10c..dd258ca 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,3 +18,6 @@ elrond*.db
 .claude/
 .codegraph/
 coverage.out
+
+# macOS
+.DS_Store
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9a9287a..c188a1e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -50,8 +50,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - `.gitattributes` — LF normalization, binary detection, GitHub
   linguist hints (mark `sdk/python/**` as Python, `sdk/typescript/**`
   as TypeScript so language stats reflect the Go core).
-- `.github/dependabot.yml` — weekly `gomod`, `pip` (sdk/python),
-  `npm` (sdk/typescript), and `github-actions` updates.
 - `.github/PULL_REQUEST_TEMPLATE.md` — Summary / Changes / Memory-/
   retrieval-quality impact / Testing / Checklist.
 - `.github/ISSUE_TEMPLATE/bug_report.yml` — structured bug report
diff --git a/SECURITY.md b/SECURITY.md
index 1722603..362c9a2 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -44,8 +44,8 @@ We follow [coordinated vulnerability disclosure](https://en.wikipedia.org/wiki/C
 
 ## Security practices in this repo
 
-- **Dependency monitoring:** automated via Dependabot (see
-  `.github/dependabot.yml`).
+- **Dependency monitoring:** vulnerable dependencies are detected by
+  `govulncheck`, which runs on every CI build (see "Vulnerability scanning").
 - **Static analysis:** `golangci-lint` / `ruff` / `mypy` enforced in CI.
 - **Vulnerability scanning:** `govulncheck` (Go) / `pip-audit` (Python) run
   on every CI build.