Automated Security and Dependency Updates

We help you to keep track of security and regular dependency updates by sending you automated pull requests straight to your GitHub repo.

Dependencies are a part of your code. Don't rely on email update notifications lying in someone's mailbox.

Don't ship insecure code

We currently track more than 600 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.

All the info you need

When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.

See failed tests

Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.

Try it out now! Free for public repos.

Plays nice with your integrations

A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.

Highly Configurable

Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? We support that.

You are in good company

Our service is used by some of the biggest companies worldwide, join them today.

Free for open source, get started now.

Don't want to give access to your private repos?

Understandable. Check out the Safety command line tool. You can run it locally or on your CI server.