Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.
Full Changelog: https://github.com/pyupio/safety/compare/2.1.1...2.2.0
PyUp is excited to release Safety 2.0 CLI and Safety as a GitHub Action!
Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. The new GitHub Action enables you to configure Python dependency security and compliance scans on your repositories on new commits, new branches, pull requests, and more.
--output flag replaces --bare, --text, --screen, and --json flags. In this new release, examples would be: --output json or --output bare.
--continue-on-error flag suppresses non-zero exit codes to force pass CI/CD checks, if required.
--debug flag allows for a more detailed output.
--disable-telemetry flag has been added to disable telemetry data
--policy-file flag to include a local security policy file. This file (called .safety-policy.yml, found in either the root directory where Safety is being run or in a custom location) is based on YAML 1.2 and allows for:
check/license/review), and the Safety options used (without their values). Users can disable this functionality by adding the --disable-telemetry flag.
This version of Safety is not stable; it is only a beta, pre-release version. Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs. See the changelogs (CHANGELOG.md) and readme update for more detailed information.
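A CI audit for the flag changes listed above, as an added example that is not part of the release notes or Safety's own code: it scans pipeline text for safety commands that still use the removed output flags, and for --continue-on-error, which lets the job pass even when vulnerabilities are found. The function name, finding labels and sample pipeline are constructed for illustration; the text and screen values are assumed to follow the json/bare pattern the notes give.

```python
import re
import shlex

# Output flags replaced in Safety 2.0 and their --output equivalents.
# json/bare come from the release notes; text/screen are assumed to match.
LEGACY_OUTPUT = {"--bare": "bare", "--text": "text",
                 "--screen": "screen", "--json": "json"}
SHELL_OPERATORS = {"&&", "||", "|", ";"}

# Constructed sample pipeline (not taken from any real repository).
SAMPLE_CI = """\
steps:
  - run: pip install safety
  - run: safety check -r requirements.txt --json
  - run: safety check --bare | tee report.txt
  - run: safety check -r requirements.txt --output json --continue-on-error
"""

def audit_safety_invocations(ci_text):
    """Return (line_no, kind, message) for each risky flag on a safety command."""
    findings = []
    for line_no, line in enumerate(ci_text.splitlines(), 1):
        match = re.search(r"\bsafety\s+.*", line)
        if not match:
            continue
        try:
            tokens = shlex.split(match.group(0), comments=True)
        except ValueError:  # unbalanced quotes from YAML wrapping
            tokens = match.group(0).split()
        for tok in tokens:
            if tok in SHELL_OPERATORS:
                break  # flags after this belong to another command
            if tok in LEGACY_OUTPUT:
                findings.append((line_no, "breaking",
                                 f"{tok} was replaced; use --output {LEGACY_OUTPUT[tok]}"))
            elif tok == "--continue-on-error":
                findings.append((line_no, "gate-disabled",
                                 "exit code suppressed; findings will not fail this job"))
    return findings

if __name__ == "__main__":
    for line_no, kind, message in audit_safety_invocations(SAMPLE_CI):
        print(f"line {line_no}: [{kind}] {message}")
```

A "gate-disabled" finding is not necessarily wrong, but it marks a job whose green status says nothing about the scan result, so the report itself has to be reviewed elsewhere.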
The most notable high-level changes are:
This work was done by @yeisonvargasf 👏
Safety Binary Release