# Securing Git Repositories {% hint style="info" %} **Existing Customers: Upgrade to Safety 3.0** Safety 3.0 is now available, providing system-wide scanning, unpinned package support, new SBOM and JSON output formats, and more. {% endhint %} #### Securing your git source control management system The best place to start with scanning your Python codebases for dependency vulnerabilities is in a central place for your team, like your build pipeline or your central source control management system. This allows quick setup and will allow you to know what dependencies are in your systems, and secure them before they get to your production systems, without having to set up each developer's environment. #### A quick intro to transitive dependencies It's important to scan all the Python dependencies present in your systems, and not just the ones listed in your requirements files (these are called transitive, recursive, and run-time dependencies). #### Scanning *all* of your dependencies in your SCM systems Luckily, scanning your Python environments is really easy to do using our Safety command-line tool. Its default configuration is to scan the local environment where it is running. See our guides below to integrate Safety CLI into your SCM system: [Using GitHub Actions](https://docs.safetycli.com/safety-2/securing-git-scm-pipelines/github-actions) [Using Gitlab CI/CD Pipelines](https://docs.safetycli.com/safety-2/securing-git-scm-pipelines/gitlab-pipelines) [Using BitBucket Pipelines](https://docs.safetycli.com/safety-2/securing-git-scm-pipelines/bitbucket-pipelines) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.safetycli.com/safety-2/securing-git-scm-pipelines/securing-git-repositories.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.