Breaking Changes in Safety 3
As a major version upgrade, Safety 3.x includes several breaking changes over versions 2.x, which are summarized below. For more information on migrating from Safety CLI 2.x to Safety CLI 3.x, please refer to our migration guide.
Breaking Change Category | Description |
---|---|
Command Update |
|
Configuration File | The |
Policy File Changes | Specific configurations in the old policy file need to be translated to the new format. Notably, |
Scan Target Settings | The |
JSON Output Format | Safety CLI 3 introduces a new JSON output format for |
Using Both | Safety CLI 3 allows running both |
Validate Command | When using the |
Targeting Specific Requirements Files
In Safety CLI 2, it was possible to target specific requirements files. The new Safety Scan command is designed to allow you to scan all files in a project directory (or sub-directory) simultaneously rather than running separate scans targeted on each file.
The Policy File enables you to control the depth of those scans to detect nested requirements files, e.g. six folders deep within the current directory.
If you wish to specify a target directory for the Safety Scan, you can do so using the --target
option, e.g. safety scan
--target /path/to/project
. Safety Scan does not allow you to target single files, but the include-files section of the Policy File does allow you to include specific files in your scan if these are not detected in a normal scan.
Example:
include-files:
- path: inside_target_dir/requirements-docs.txt
file-type: requirements.txt
- path: inside_target_dir/requirements-dev.txt
file-type: requirements.txt
When running a new Safety Scan, the new CLI output will separate findings and recommendations by requirements file, e.g. requirements.txt will have its own set of recommendations, requirements-dev.txt will have its own, etc. This means that instead of running separate scans for each file, you can now run one simple scan and see all findings and recommendations in one output.
Last updated