PyUp – Tool to Update Project’s Dependencies

PyUp is a tool that you can use to scan private and public Python dependencies for updates and vulnerabilities. The tool maintains a comprehensive database of known vulnerabilities across more than 233,000 Python dependencies. The database is updated in real time, as soon as new vulnerabilities are logged.

The free plan is for non-commercial open source projects. Users can create an account and add public GitHub repos, as well as use the free Safety CLI and PyUp CLI tools to manage dependencies.

If you plan to use the commercial version, or want access to the real-time, up-to-date vulnerability database, you will need a paid PyUp account.

There is a 7-day free trial of the commercial version for users who want to test the tool and verify its functionality against an existing repository.

This program may fit into your workflow: get automated pull request fixes in GitHub, use Safety CI to catch vulnerabilities before code reaches production, or integrate the command line tools into CI workflows, for example with a Travis CI integration. It is recommended to run the security scan this way so that vulnerabilities are detected at an early stage.

You can read more and use this tool at the following link: https://pyup.io/
