Automated Security and Dependency Updates

Keep track of security and regular dependency updates with automated pull requests straight to your GitHub repo.

Dependencies are a part of your code. Don't rely on email notifications in someone's mailbox.

Get started

PyUp is trusted by some of the biggest companies worldwide, join them today.

Don't ship insecure code

We currently track more than 600 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.

All the info you need

When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.

See failed tests

Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.

Try it out now! Free for public repos.

Plays nice with your integrations

A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.

Highly Configurable

Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? We support that.

Free for open source, get started now.

Don't want to give access to your private repos?

Understandable. Check out the Safety command line tool. You can run it locally or on your CI server.