We believe that whenever possible, automated dependency updates
should be done exactly like you would do them yourself. We use
pipenv update, and
all the other commands that you use while working.
$ npm upgrade && git commit
When versions outside of your range are available, we'll let you know with a PR for that specific dependency. With release notes and test results at hand, you'll be able to decide if updating makes sense for your project and if more work is required.
For package managers that support version ranges + lockfiles, we make it easy to use the latest changes. When your lockfile becomes outdated, we'll send a PR with the most up-to-date version. When your tests pass, merge the PR to effortlessly make use of all the latest bug fixes and patches to your direct and transitive dependencies.
Your repo's dependencies are being updated all the time, whether or not you're working on the project. Our daily, weekly, and monthly scheduling options let you receive updates at a rate that works for you and your team.
For mission-critical projects that constantly need to be up-to-date with the latest bug fixes and security patches.
Ideal for teams that want to stay on top of their dependencies, but don't need every patch as soon as it comes out.
Perfect for low-touch projects that are on the back-burner. Don't let them fall too far behind.