Skip to content

Safety

Safety checks your installed dependencies for known security vulnerabilities.

You can use this cookiecutter template to create a python project with safety already configured.

Installation

pip install safety

Configuration

Safety can be used through:

  • Pre-commit:

    File: .pre-commit-config.yaml

    repos:
    - repo: https://github.com/Lucas-C/pre-commit-hooks-safety
      rev: v1.1.3
      hooks:
      - id: python-safety-dependencies-check

  • Github Actions: Make sure to check that the correct python version is applied.

    File: .github/workflows/security.yml

    name: Security

on: [push, pull_request]

jobs:
  Safety:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v2
      - uses: actions/setup-python@v2
        with:
          python-version: 3.7
      - name: Install dependencies
        run: pip install safety
      - name: Execute safety
        run: safety check

References