
Safety

Safety checks your installed dependencies for known security vulnerabilities.

You can use this cookiecutter template to create a Python project with Safety already configured.

Installation

pip install safety

Configuration

Safety can be used through:

  • Pre-commit:

    File: .pre-commit-config.yaml

    repos:
        - repo: https://github.com/Lucas-C/pre-commit-hooks-safety
          rev: v1.1.3
          hooks:
          - id: python-safety-dependencies-check
    
  • GitHub Actions: make sure the workflow sets the correct Python version.

    File: .github/workflows/security.yml

    name: Security
    
    on: [push, pull_request]
    
    jobs:
      Safety:
        runs-on: ubuntu-latest
        steps:
          - name: Checkout
            uses: actions/checkout@v2
          - uses: actions/setup-python@v2
            with:
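              # Quoted so YAML keeps the version a string (3.10 would otherwise parse as 3.1).
              python-version: "3.7"
          - name: Install dependencies
            # safety check scans the packages installed in this environment,
            # so install the project's own dependencies here as well.
            run: pip install safety
          - name: Execute safety
            run: safety check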
    

Ignore some vulnerabilities

First create a security policy file:

safety generate policy_file
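
An added example, not from the original page: a policy file in the layout Safety 2.x writes to `.safety-policy.yml`, with one vulnerability ignored. The vulnerability ID, reason and expiry date are constructed placeholders.

```yaml
# .safety-policy.yml (Safety 2.x policy file layout)
security:
    # Ignore findings below this CVSS score; 0 ignores nothing on severity.
    ignore-cvss-severity-below: 0
    # Keep reporting vulnerabilities that have no CVSS score.
    ignore-cvss-unknown-severity: False
    ignore-vulnerabilities:
        # Constructed placeholder ID: use the ID printed by `safety check`.
        12345:
            reason: vulnerable code path is not reachable in this project
            # After this date the ignore lapses and the finding fails the check again.
            expires: '2030-01-01'
    # False keeps the non-zero exit code, so CI still fails on other findings.
    continue-on-vulnerability-error: False
```

Safety 2.x reads `.safety-policy.yml` from the working directory, or from a path given with `--policy-file`.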
