Quick Start Guide

Running your first scan using Safety CLI 3 takes less than a minute and can be performed via our Command Line Interface or through the GitHub Action . Below we detail 1. Installation, 2. Authentication, and 3. Running your first scan.
To learn more about upgrading from Safety 2.x to Safety CLI 3 please check out our Migration guide.

Command Line Interface

1. Installation

Begin by installing Safety on your development machine.
  1. 1.
    Open your Terminal
  2. 2.
    Run the following command to install:
pip install safety

2. Log In or Register

1. Once installed, try to run your first scan using the following command:
safety scan
2. If you are already logged in, Safety will perform the scan. If you are not already authenticated, Safety CLI will prompt you to create an account or log in using existing credentials.
In both cases, a browser window will open with clear instructions on how to log in or create a new account. Once logged in, Safety CLI will show that you are authenticated and can proceed with the next step.
You will be unable to perform vulnerability scans unless you are authenticated. If you require assistance, please email [email protected].
To check your authentication status, you can run safety auth at any time.
Safety CLI after Successful Authentication

3. Running Your First Scan

  1. 1.
    Using the Terminal, navigate to a project, e.g. cd my/project/. (This root folder would normally contain files such as composer.lock, requirements.txt, READMEs, Pipfile.lock, pyproject.toml, .gitignores etc.)
  2. 2.
    Run the safety scan command.
  3. 3.
    Safety will now perform a scan of the current project directory, detecting all Python installations and requirements files. The output of the scan will be presented in the Terminal window.
Performing scans across entire development machines and in CI/CD
Detailed documentation on how to integrate Safety with other tools, perform system-wide scans, and more are available via the links to the left.

Basic Commands

The following are the most commonly used commands. A full glossary of available commands can be found here.
  • safety --help accesses Help and displays all available commands, utility commands, and options.
  • safety auth starts the authentication flow if not logged in and displays authentication status if logged in.
  • safety scan performs a vulnerability scan in the current directory.
  • safety system-scan performs a vulnerability scan across the entire development machine.
  • safety scan --apply-fixes performs a scan and automatically updates vulnerable dependencies to the next secure version.
Enterprise Customers:
  • Your organization may require installation to be performed via approved software bundles.
  • If your organization leverages SAML-based authentication, you will be prompted to enter your corporate login credentials at the authentication stage.
If you are unsure whether your organization uses either of these options, please contact your administrator or email [email protected].

GitHub Action

The quickest way to test Safety CLI in CI/CD is by using our GitHub Action, new in Safety CLI 3. Full documentation on the GitHub Action is available here:
If you require assistance, please email [email protected].