PyUp integrates deeply with GitHub.
The PyUp Bot integration opens pull requests on your repository when a new security vulnerability that affects your system is discovered. Each pull request updates the relevant Python dependencies to patch the vulnerability. Optionally, PyUp Bot can also open pull requests to upgrade dependencies when new versions are available, so that you are using the most up-to-date version of each dependency you rely on.
Safety CI runs a security scan on any new code that gets added to your GitHub repository. For example, when new code is pushed to a branch or a pull request is created, Safety CI will run a security scan on that code. The results of the scan will be visible inside GitHub (seen as a test), and additional information and a history of your scans are viewable in PyUp's account dashboards.
While Safety CI is easy to set up, we recommend instead running Safety scans in a custom GitHub Action. This is a more comprehensive way to scan your dependencies because it can analyze your environment and catch recursive and transitive dependencies.
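The following added example (not PyUp's or Safety's own code) shows why scanning the installed environment covers more than a requirements file: it lists the packages that are only pulled in transitively and never named in the file. All function names and the sample data are hypothetical and constructed for illustration; no vulnerability lookup is performed.

```python
import re
from importlib import metadata

_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def norm(name):
    # PEP 503 normalisation, so "Charset_Normalizer" == "charset-normalizer"
    return re.sub(r"[-_.]+", "-", name).lower()

def direct_names(requirements_text):
    """Package names listed explicitly, one requirement per line."""
    names = set()
    for line in requirements_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # skip comments and pip options
            continue
        m = _NAME.match(line)
        if m:
            names.add(norm(m.group(1)))
    return names

def installed_graph():
    """Installed distribution -> names it requires (simplified: extras are
    skipped and other environment markers are ignored)."""
    graph = {}
    for dist in metadata.distributions():
        name = dist.metadata.get("Name")
        if not name:
            continue
        reqs = [r for r in (dist.requires or []) if not re.search(r"extra\s*==", r)]
        graph[norm(name)] = direct_names("\n".join(reqs))
    return graph

def transitive_only(requirements_text, graph):
    """Packages reachable from the requirements file but not named in it."""
    direct = direct_names(requirements_text)
    seen, stack = set(), list(direct)
    while stack:
        pkg = stack.pop()
        if pkg not in seen:
            seen.add(pkg)
            stack.extend(graph.get(pkg, ()))
    return sorted(seen - direct)

# Constructed sample data, so the example runs without any packages installed.
SAMPLE_REQUIREMENTS = "requests==2.31.0\nFlask>=2.0  # web framework\n-r extra.txt\n"
SAMPLE_GRAPH = {"requests": {"urllib3", "idna", "certifi", "charset-normalizer"},
                "flask": {"werkzeug", "jinja2"}, "jinja2": {"markupsafe"}}

if __name__ == "__main__":
    print(transitive_only(SAMPLE_REQUIREMENTS, SAMPLE_GRAPH))
```

To inspect a real environment, pass `installed_graph()` as the second argument in place of the sample graph.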