Linux command
safety command
Copy the commands below and replace file names, directories, or parameters as needed.
Common examples
Scan the current project
safety scan
Check a requirements file
safety check -r [requirements.txt]
Scan and output results as JSON
safety scan --output json
Generate an SBOM (CycloneDX; spdx is also accepted as an output format)
safety scan --output cyclonedx
Check installed packages
safety check
Show detailed vulnerability information
safety check -r [requirements.txt] --full-report
Description
Safety is a Python dependency vulnerability scanner. It compares the packages in a requirements file, a project directory, or the installed environment against Safety DB, a database of known vulnerable and malicious Python packages, and reports each match with its Safety ID, the CVE where one exists, the affected version specifier, and a suggested secure version for remediation. Results can be printed as plain text, JSON, or HTML, or exported as an SBOM (CycloneDX or SPDX) for CI/CD pipelines and compliance tooling. `scan` is the current command in Safety 3 and requires an authenticated session (`safety auth login`) or an API key; `check` is the older command, still usable against the free Safety DB but deprecated. Note that Safety only finds what is in its database, and the open-source Safety DB is refreshed monthly, so a clean report is not proof of absence of vulnerabilities.
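The JSON report is what makes Safety usable as a CI gate. The script below is an added example, not code from the safety project or from this page: it reads a report, applies a severity threshold together with a time-boxed allowlist for accepted risks, and exits non-zero when anything blocking remains. The report embedded in it is a constructed sample modelled on the structure of `safety check --output json` (a top-level `vulnerabilities` list whose entries carry `vulnerability_id`, `package_name`, `analyzed_version` and `severity.cvssv3.base_severity`); those field names are an assumption, and the package names and IDs are placeholders, so check them against a real report from your Safety version before relying on the script.

```python
"""CI gate over a Safety JSON report (added example, not part of safety)."""
import json
import sys
from datetime import date

# Constructed sample modelled on `safety check --output json`. The field names
# are an assumption; package names and IDs are placeholders, not real advisories.
SAMPLE_REPORT = json.dumps({
    "report_meta": {"scan_target": "files", "scanned": ["requirements.txt"]},
    "vulnerabilities": [
        {"vulnerability_id": "SAMPLE-1", "package_name": "alpha-lib",
         "analyzed_version": "1.0.0", "CVE": None,
         "severity": {"cvssv3": {"base_severity": "HIGH"}}},
        {"vulnerability_id": "SAMPLE-2", "package_name": "alpha-lib",
         "analyzed_version": "1.0.0", "CVE": None,
         "severity": {"cvssv3": {"base_severity": "MEDIUM"}}},
        {"vulnerability_id": "SAMPLE-3", "package_name": "beta-lib",
         "analyzed_version": "2.3.1", "CVE": None,
         "severity": {"cvssv3": {"base_severity": "CRITICAL"}}},
        {"vulnerability_id": "SAMPLE-4", "package_name": "gamma-lib",
         "analyzed_version": "0.9", "CVE": None,
         "severity": None},
        {"vulnerability_id": "SAMPLE-5", "package_name": "beta-lib",
         "analyzed_version": "2.3.1", "CVE": None,
         "severity": {"cvssv3": {"base_severity": "HIGH"}}},
    ],
})

# Accepted risks: vulnerability ID -> expiry date (ISO 8601). Expired entries
# stop suppressing, so an accepted risk cannot silently live forever.
ALLOWLIST = {"SAMPLE-3": "2099-01-01", "SAMPLE-5": "2020-01-01"}
# Severities that block the build. UNKNOWN is included on purpose: a finding
# without a CVSS score is treated conservatively rather than ignored.
FAIL_ON = {"CRITICAL", "HIGH", "UNKNOWN"}


def severity_of(vuln):
    """Return the CVSS v3 base severity in upper case, or UNKNOWN if absent."""
    sev = vuln.get("severity") or {}
    base = (sev.get("cvssv3") or {}).get("base_severity")
    return base.upper() if base else "UNKNOWN"


def evaluate(report_json, fail_on=FAIL_ON, allowlist=None, today=None):
    """Return the findings that should fail the build.

    `today` is an ISO date string (defaults to the current date) so the
    allowlist expiry check is reproducible in tests.
    """
    allowlist = allowlist or {}
    today_d = date.fromisoformat(today) if today else date.today()
    failing = []
    for vuln in json.loads(report_json).get("vulnerabilities", []):
        severity = severity_of(vuln)
        if severity not in fail_on:
            continue
        vid = vuln.get("vulnerability_id")
        expiry = allowlist.get(vid)
        if expiry and date.fromisoformat(expiry) >= today_d:
            continue  # accepted risk, still within its review window
        failing.append({
            "id": vid,
            "package": vuln.get("package_name"),
            "version": vuln.get("analyzed_version"),
            "severity": severity,
            "reason": "allowlist entry expired" if expiry
                      else "exceeds severity threshold",
        })
    return failing


def main(argv):
    """Usage: python gate.py [report.json]; falls back to the sample report."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            report = fh.read()
    else:
        report = SAMPLE_REPORT
    failing = evaluate(report, allowlist=ALLOWLIST)
    for f in failing:
        print(f"FAIL {f['id']} {f['package']}=={f['version']} "
              f"{f['severity']}: {f['reason']}")
    print(f"{len(failing)} blocking finding(s)")
    return 1 if failing else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Feed it a real report with `safety check -r requirements.txt --output json > report.json && python gate.py report.json`. `safety check` already exits non-zero whenever it finds anything; the gate adds the policy layer (a severity threshold and expiring exceptions) so that a deliberately accepted risk does not block the pipeline, but also does not stay accepted indefinitely without review.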
Parameters
- scan: Scan a Python project for dependency vulnerabilities and malicious packages (Safety 3; needs `safety auth login` or `--key`)
- check: Check Python dependencies for known security vulnerabilities (older command, deprecated in favour of scan)
- -r, --file FILE: Read dependencies from a requirements file instead of the installed environment; may be given more than once (check)
- --output FORMAT: Output format. check accepts screen, text, json, or html; scan accepts screen, json, html, or the SBOM formats cyclonedx and spdx
- --full-report: Print the full advisory text for each finding instead of the truncated one-line summary (check)
- --key API_KEY: Safety API key; gives check access to the commercial, more frequently updated vulnerability database and authenticates scan
- --help: Display help information
FAQ
What is the safety command used for?
It scans Python dependencies (a requirements file, a project directory, or the installed environment) against Safety DB and reports known vulnerable or malicious packages with CVE references and suggested fix versions, as text, JSON, HTML, or an SBOM; see the description above for details.
How do I run a basic safety example?
Run `safety scan` from the root of a Python project (after `safety auth login` or with `--key`), or `safety check -r requirements.txt` against a requirements file, then adjust file names, paths, and flags for your setup.
What does scan do in safety?
It scans a Python project for dependency vulnerabilities and malicious packages.