Links

Available Commands and Inputs

The available commands and options within Safety CLI Scanner are detailed below. These can also be found within Safety CLI by typing safety --help or safety [command] --help.

Authentication

safety auth --help
Command/Option
Description
Commands
login
Authenticate with Safety CLI to perform scans. Your default browser will automatically open to https://platform.safetycli.com unless already authenticated. Example: safety auth login
logout
Log out from the current Safety CLI session. Example: safety auth logout
status
Show the current authentication status. Example: safety auth status
Options
--install-completion
Install shell-specific completion scripts. Example: safety auth --install-completion fish
--show-completion
Show shell completion scripts for manual setup. Example: safety auth --show-completion fish
--help
Show detailed help information for commands and options. Example: safety auth --help

Commands

safety --help
Command/Option
Description
Commands
auth
Authenticate Safety CLI to perform scans. Your default browser will automatically open to https://platform.safetycli.com. Example: safety auth login
scan
Run vulnerability scans on a Python project directory. Example: safety scan
system-scan
Run a comprehensive scan for packages and vulnerabilities across your entire machine/environment. Example: safety system-scan
Other Commands
alert
[Deprecated] Create GitHub Pull Requests from scan results. Being replaced by newer features. Example: safety alert
check
[Deprecated] Find vulnerabilities in target files/environments. Now replaced by safety scan. Example: safety check /path/to/requirements.txt
check-updates
Check for updates to the Safety CLI. Example: safety check-updates
configure
Set up global configurations for Safety CLI, including proxy settings and organization details. Example: safety configure --proxy-host 192.168.0.1
generate
Generate a standard Safety CLI policy file to establish baseline policies for scans. Example: safety generate policy_file
validate
Check if your local Safety CLI policy file is valid. Example: safety validate /path/to/policy.yml
Options
--stage
Assign a development lifecycle stage to your scan (default: development). Example: safety scan --stage production
--key
Use an API key for scans in CI/CD or Production (default: none). For Development scans, unset the API key and authenticate using safety auth. Example: safety scan --key 'your_api_key'
--proxy-host
Specify a proxy host for network communications. Example: safety configure --proxy-host 'proxy.example.com'
--proxy-port
Set the proxy port (default: 80). Note: proxy details can be set globally in a config file. See safety configure --help. Example: safety configure --proxy-port 8080
--proxy-protocol
Choose the proxy protocol (default: https). Note: proxy details can be set globally in a config file. See safety configure --help. Example: safety configure --proxy-protocol https
--disable-optional-telemetry-data
Opt-out of sending optional telemetry for privacy. Anonymized telemetry data will remain. Example: safety scan --disable-optional-telemetry-data
--debug
Enable debug mode for detailed output in addition to standard output. Example: safety scan --debug
--version
Display the installed version of Safety CLI. Example: safety --version
--help
Show detailed help information for commands and options. Example: safety --help

Safety Scan Options

safety scan --help
Command/Option
Description
Options
--target
Define a specific project path for scanning. Example: safety scan --target /path/to/project
--output
Set the format for scan results (default: screen) using Screen, JSON, HTML, or SPDX. Example: safety scan --output json
--detailed-output
Enable a verbose scan report for detailed insights. Example: safety scan --detailed-output
--save-as
Save scan results in different formats, including text, json, html, and spdx. Example: safety scan --save-as json results.json
--policy-file
Use a local policy file for scanning. Example: safety scan --policy-file /path/to/policy.yml
--install-completion
Install command-line completion for easier use. Example: safety --install-completion bash
--show-completion
Display shell completion scripts for customization. Example: safety --show-completion zsh
--apply-fixes
Automatically apply updates to requirements files for identified vulnerabilities in accordance with the parameters set in the config file. Example: safety scan --apply-fixes