Skip to content

Python package manager support

Renovate supports several Python package managers, including pip, pipenv, poetry, etc. See all supported managers.

Versioning support

We've written a JavaScript version of the PEP440 specification so we can use it in Renovate bot. You can find this project in our renovatebot/pep440 repository.

Our PEP440 implementation supports pinned versions and ranges. Legacy versions with the === prefix are ignored.

How it works

  1. Renovate searches through each repository for package files
  2. Existing dependencies are extracted from the package files
  3. Renovate searches for the latest version on PyPI to decide if there are upgrades
  4. If the source package includes a GitHub URL as its source, and has a "changelog" file or uses GitHub releases, a Release Note will be embedded in the generated PR

Alternative file names

For the pip_requirements manager, the default file matching regex for requirements.txt follows common file name conventions. But Renovate may not find all your files.

You can tell Renovate where to find your file(s) by setting your own fileMatch regex:

{
  "pip_requirements": {
    "fileMatch": ["my/specifically-named.file", "\\.requirements$"]
  }
}

Alternate registries

By default Renovate checks for upgrades on the pypi.org registry.

If you want, you can set alternative index URLs. There are three ways to do this:

  • index-url in requirements.txt
  • sources in Pipfile
  • set URL in Renovate configuration

index-url in requirements.txt

You can set the index URL in the first line of the requirements.txt, for example:

--index-url http://example.com/private-pypi/
some-package==0.3.1
some-other-package==1.0.0

Sources in Pipfile

Renovate finds and uses any custom sources in your Pipfile.

Sources in pyproject.toml

Renovate detects any custom-configured sources in pyproject.toml and uses them.

Specify URL in configuration

Create a python object and put a registryUrls array in it. Fill the array with alternate index URL(s).

{
  "python": {
    "registryUrls": ["http://example.com/private-pypi/"]
  }
}

Tip

If a requirements.txt file has an index-url then Renovate follows that link, instead of following any link set in the registryUrls array. To override the URL found in requirements.txt, you must create a custom packageRules setting. This is because packageRules are applied after package file extraction.

Disabling Python support

To disable all managers with language set to python in Renovate, do this:

{
  "python": {
    "enabled": false
  }
}

Alternatively, you can use enabledManagers to tell Renovate what package managers it can use. For example, if you only want to use Renovate's npm package manager:

{
  "enabledManagers": ["npm"]
}