Automated Python Security and Dependency Updates
Keep track of Python security and regular dependency updates with automated pull requests straight to your GitHub repo.
Dependencies are a part of your code. Don't rely on email notifications in someone's mailbox.
We're trusted by some of the biggest companies worldwide, join them today.
Don't ship insecure code
We currently track more than 900 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.
All the info you need
When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.
See failed tests
Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.
Try it out now! Free for public repos. Get started
Build for Python
PyUp is built to solve the specific structures and complex Python environments. For example, we parse requirements.txt, setup.cfg, tox.ini, Pipfiles and Conda files to keep your codebase secure and up to date. Read more
Plays nice with your integrations
A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.
Highly Configurable
Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? PyUp's dependency security and version updates are highly configurable. Read more on configuring PyUp.
Free for open source, get started now. Sign Up
Don't want to give access to your private repos?
See our the Safety command line tool.
You can run it locally or on your CI server.
We also offer on-premesis versions of PyUp our enterprise customers. Get in touch