Docker Containers

Safety is available in a Docker container, if you'd like to scan across Python versions or use Safety without having to install it or Python locally.

To get started, you can run the pyupio/safety-v2-beta image. Any arguments provided will be transparently passed through to Safety:

Bash
$ sudo docker run --rm -ti pyupio/safety-v2-beta --version
safety, version 2.0b5

Scanning from a requirements file works as expected, you just need to make sure to volume mount your project so that Safety can access it inside the container:

Bash
$ sudo docker run --rm -ti -v /path/to/my/project:/target pyupio/safety-v2-beta check -r /target/requirements.txt --key <YOUR-API-KEY>

You can also scan from stdin; this allows you to generate the list of dependencies outside the Docker container, while Safety runs within it. This is most useful when you're running an older version of Python for your application (eg, Python 2.7):

Bash
$ python -m pip list --format=freeze | sudo docker run -i --rm pyupio/safety-v2-beta check --stdin --key <YOUR-API-KEY>

Lastly, you can pass in an environment for Safety to scan. This can be a bit tricky, as you'll need to pass in the site-packages folder, and set the PYTHONPATH to ensure Safety scans it correctly. The following example is for a local virtualenv:

Bash
$ sudo docker run --rm -ti -v /path/to/my/project:/target -e PYTHONPATH=/target/.venv/lib/python3.10/site-packages pyupio/safety-v2-beta check --key <YOUR-API-KEY>