Don't ship insecure code
We currently track more than 600 known security vulnerabilities in Python dependencies. You'll know if there is a security fix for one of your dependencies available.
All the info you need
When we send you a pull request, we include all the info you need to make a informed decision about what is being updated. Most of the time even with a changelog.
See failed tests
Dependency updates will break your code from time to time. A pull request will run your tests automatically, allowing you to see what breaks - and why.
Plays nice with your integrations
A pull requests triggers the integrations you have set up on your GitHub repo. Run CI tests automatically or post a message to the team's favored chat channel.
Do you have a large legacy codebase and only want to receive security updates? Or a library and only want to receive updates for your dev environment? We support that.