Today brings some sad news: we are shutting down Requires.io. The service will remain up and running until September 30th, 2022.

There are many services offering similar services now, especially regarding security vulnerabilities, so migrating away from requires.io should not be too hard. A couple of them:

• snyk …

Requires.io is all about being notified of outdated dependencies on PyPI packages.

Today we are proud to introduce Pipenv support!

Requires.io will now look for Pipenv and Pipenv.lock files at the root of your repository to warn you about oudated and insecure dependencies, licenses, changelogs... and even …

I run a small tea subscription service called Tomotcha, and each month we send Japanese tea directly from Osaka.

Like most small businesses we use Google tools extensively (Analytics, AdWords, Webmaster Tools...) and we periodically receive their emails about new stuffs.

Last week's topic was Does the speed of your …

DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) are now enabled on all Requires.io emails to ensure their delivery.

In addition, our email notification system is now registered and compliant with Gmail Email Markup so as to provide an easy access to your project's page:

Hope you'll enjoy …

Since version 8.0 (released a week ago), pip can check downloaded package archives against local hashes to protect against remote tampering. To verify a package against one or more hashes, add the hashes at the end of your requirements.txt files:

FooProject==1.2 --hash:sha256=2cf24dba5fb0a30e26e83b2ac5b9e29e \
                --hash:sha256 …

Requires.io is proud to introduce a new feature: license tracking for your requirements!

And if a licence differs between your version of a package and its latest one, you get the information in both Requirement and Latest columns.

We hope you will enjoy this new feature!

We released today a new version of the ShiningPanda plugin for Jenkins. For those who don't know this plugin yet, it is probably the easiest way to setup your Python projects with Jenkins. But let's have a look at the new features:

As you may know, requires.io is all about being notified of outdated dependencies on PyPI packages.

We just released a new event-driven notification system, rewritten from scratch to bring more flexibility to all requires.io users.

Email and pull-request policies are now configured at the organization level within the …

requires.io has a new logo!

This logo was designed with lots of dedication by the very talented Ayaka Yamamoto. She is now designing a new logo for our Japanese tea subscription service: tomotcha.com. The current logo looks like a cup of coffee...

Ayaka is based in Japan, but …

Over the last few weeks we've released a number of small patches and bugfix improving the overall experience with requires.io, to keep on helping you keep track of Python dependencies.