One command to check them all
Safety is a command line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues.
If you are using something insecure, you'll get a report on what exactly is affected.
Try It Out
Installation is extremely simple. Your first check is just a few seconds away.
To get started, install the command line client:
pip install safety
Once installed, run the safety check command:
This will check your current virtual environment.
To check a requirements file, run:
safety check -r requirements.txtcheck out the readme more examples
Safety is free and open source. The underlying free vulnerability database is updated once per month.
To get access to all vulnerabilities as soon as they are added, you need a Safety API key that comes with a paid pyup.io account, starting at $14.99 for individuals, or $49.99 for organizations.
Learn more about Pricing.
An API Key gives you access to the latest vulnerability database. Here's a guide on how to get one.
To use your API Key, append it with the
safety check --key your-api-key-here
safety check -r req.txt --key your-api-key-here
Safety is a command line tool that checks local dependencies for known security vulnerabilities.
Safety CI is integrated into pyup.io and checks commits and Pull Requests on your GitHub repo for insecure dependencies.
Safety Django displays a red warning banner in your Admin area if you are using an insecure Django release.