Like any software developer, I use many third-party libraries in my daily job. Mostly, they are Python libraries, but I think this topic should be language-agnostic.

In Python, we can store a project's dependencies in different ways. They can be stated in the setup.py file or in pip's requirements.txt file. Some programmers prefer to pin exact version numbers, some do not. I belong to the first group.

Although pinning exact version numbers keeps me from accidental updates to backward-incompatible versions, it also keeps me from updating to (and, more importantly, from discovering) the bug/security fixes introduced in these new versions.

What do you use to follow third-party library updates? How do you solve this problem and stay on the bleeding edge?