safety v1.9 releases: checks your installed dependencies for known security vulnerabilities
Safety is a command-line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues.
If you are using something insecure, you’ll get a report on what exactly is affected.
See what is vulnerable
Safety CI integrates with your GitHub account, just like tests do. You’ll get a status on every pull request and on each and every commit – across all your branches.
See what exactly is wrong
If you are using a dependency with a known security vulnerability, checks on GitHub will fail and you’ll get a link to a page with details about the vulnerability. This allows you to check if you are affected and gives you all the details straight from the source.
Changelog v1.9 (2020-04-27)
- Dropped Python 2.7 support, requiring Python 3.5+
- Binary adjustments and enhancements on top of the reported vulnerability
- Using tox to help with local tests against different Python versions
pip install safety
To check your currently selected virtual environment for dependencies with known security vulnerabilities, run:
You should get a report similar to this:
Copyright (c) 2016, pyup.io