Skip to content

Python Package Manager Support

Renovate supports upgrading dependencies in pip requirements (e.g. requirements.txt, requirements.pip) files.

Versioning Support

The PEP440 versioning scheme has been rewritten for JavaScript for the purposes of use in this project is published as @renovatebot/pep440. It supports both pinned versions as well as ranges. Legacy versions (=== prefix) are ignored.

How It Works

  1. Renovate will search each repository for any requirements files it finds.
  2. Existing dependencies will be extracted from the file(s)
  3. Renovate will look up the latest version on PyPI to determine if any upgrades are available
  4. If the source package includes a GitHub URL as its source, and has either a "changelog" file or uses GitHub releases, then Release Notes for each version will be embedded in the generated PR.

Alternative file names

The default file matching regex for requirements.txt aims to pick up the most popular conventions for file naming, but it's possible that some get missed. If you have a specific file or file pattern you want to get found by Renovate, then you can do this by adding a new pattern under the fileMatch field of pip_requirements. e.g. you could add this to your config:

  "pip_requirements": {
    "fileMatch": ["my/specifically-named.file", "\.requirements$"]
  }

Alternate registries

Renovate will default to performing all lookups on pypi.org, but it also supports alternative index URLs. There are two ways to achieve this:

index-url in requirements.txt

The index URL can be specified in the first line of the file, For example:

--index-url http://example.com/private-pypi/
some-package==0.3.1
some-other-package==1.0.0

Specify URL in configuration

The configuration option registryUrls can be used to configure an alternate index URL. Example:

  "python": {
    "registryUrls": ["http://example.com/private-pypi/"]
  }

Note: an index-url found in the requirements.txt will take precedent over a registryUrl configured like the above. To override the URL found in requirements.txt, you need to configure it in packageRules, as they are applied after package file extraction.

Disabling Python Support

The most direct way to disable all Python support in Renovate is like this:

  "python": {
    "enabled": false
  }

Alternatively, maybe you only want one package manager, such as npm. In that case this would enable only npm:

  "enabledManagers": ["npm"]

Future work

Feature requests are open for conda support, additional file types (e.g. setup.cfg), and of course pipenv support. You can locate these issues by filtering on the #python hashtag in the repository. Please +1 and/or add a comment to each issue that would benefit you so that we can gauge the popularity/importance of each.