Safety checks your dependencies for known security vulnerabilities.

Don't ship insecure code.

Try it out

One command to check them all

Safety is a command line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues.

If you are using something insecure, you'll get a report on what exactly is affected.

Try It Out

Installation is extremely simple. Your first check is just a few seconds away.

To get started, install the command line client:

pip install safety

Once installed, run the safety check command:

safety check

This will check your current virtual environment.

To check a requirements file, run:

safety check -r requirements.txt
check out the readme more examples

Pricing

Safety is free and open source. The underlying free vulnerability database is updated once per month.

To get access to all vulnerabilities as soon as they are added, you need a Safety API key that comes with a paid pyup.io account, starting at $14.99 for individuals, or $49.99 for organizations.

Learn more about Pricing.

API Key

An API Key gives you access to the latest vulnerability database. Here's a guide on how to get one.

To use your API Key, append it with the --key parameter:

safety check --key your-api-key-here
safety check -r req.txt --key your-api-key-here

Meet the Safety family

The Safety family is a set of tools that help you to keep your dependencies secure.

Safety

Safety is a command line tool that checks local dependencies for known security vulnerabilities.

Learn More

Safety CI

Safety CI is integrated into pyup.io and checks commits and Pull Requests on your GitHub repo for insecure dependencies.

Learn More

Safety Django

Safety Django displays a red warning banner in your Admin area if you are using an insecure Django release.

Learn More