Don't ship insecure code
We currently track more than 900 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.
All the info you need
When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.
See failed tests
Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.
Build for Python
PyUp is built to solve the specific structures and complex Python environments. For example, we parse requirements.txt, setup.cfg, tox.ini, Pipfiles and Conda files to keep your codebase secure and up to date. Read more
Plays nice with your integrations
A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.
Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? PyUp's dependency security and version updates are highly configurable. Read more on configuring PyUp.