A pull-request to stay secure
Requires.io is all about being notified of outdated dependencies on PyPI packages.
However manually bumping your requirements can be tedious and error-prone.
Starting from now, GitHub users can opt-in to receive pull-requests and manage their dependencies this way.
Added benefit if your Continuous Integration provider supports checking pull-requests: you'll know if the update breaks your code without having to do anything...
Enable this feature in 4 steps:
- Sign-in via GitHub (sorry Bitbucket, we're still working on it)
- Enable your repository
- Step in the
Pull Requestssection of your administration dashboard and input the desired notification frequency for outdated and insecure releases: there may be no need to update only because a new version is available, but a security release is another thing altogether.
- Wait for it, then merge:
And now you're one click away from staying secure and up-to-date!