Automated Python Security and Dependency Updates

Keep track of Python security and regular dependency updates with automated pull requests straight to your GitHub repo.

Dependencies are a part of your code. Don't rely on email notifications in someone's mailbox.

We're trusted by some of the biggest companies worldwide, join them today.

Don't ship insecure code

We currently track more than 900 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.

All the info you need

When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.

See failed tests

Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.

Try it out now! Free for public repos.

Build for Python

PyUp is built to solve the specific structures and complex Python environments. For example, we parse requirements.txt, setup.cfg, tox.ini, Pipfiles and Conda files to keep your codebase secure and up to date. Read more

Plays nice with your integrations

A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.

Highly Configurable

Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? PyUp's dependency security and version updates are highly configurable. Read more on configuring PyUp.

Free for open source, get started now.

Don't want to give access to your private repos?

See our the Safety command line tool. You can run it locally or on your CI server.
We also offer on-premesis versions of PyUp our enterprise customers. Get in touch