System-Wide Developer Machine Scanning

Shift Left: Protection at Every Stage of Development

Performing scans in single project repositories or in CI/CD and Production is insufficient to provide true end-to-end security. Safety CLI 3 allows developers to detect all Python installations and vulnerabilities in their environment by performing system-wide scans of development machines.
Once Safety CLI is installed and you have authenticated, the process is similar to the normal directory-specific safety scan.
In your terminal, run the following command:
safety system-scan
Running safety system-scan will:
  • Scan your entire development machine for Python package files, requirements files and Python virtual environments, indexing all the packages found.
  • Conduct a security analysis of these packages against known security vulnerabilities and malicious package lists.
  • Identify known vulnerabilities in these packages, including their location and version.
  • Provide fix recommendations.
Once complete, your terminal will show a summary of the vulnerable packages that were found and recommended actions.
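To make the indexing step in the list above concrete, here is an added example (not Safety CLI's code, and not a description of its actual discovery logic) that walks a directory tree, finds virtual environments by their pyvenv.cfg marker, and records each package with its version and location. The function names, the skip list and the sample tree are assumptions constructed for the example, and only pinned `==` lines are read from requirements files.

```python
import os
import re
import tempfile
from pathlib import Path

# Pinned requirement lines only ("name==version"); ranges such as ">=" are skipped.
REQ_LINE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([^\s;#]+)")
# Installed distributions leave a "<name>-<version>.dist-info" directory.
DIST_INFO = re.compile(r"^(?P<name>.+?)-(?P<version>\d[^-]*)\.dist-info$")
SKIP_DIRS = {".git", "node_modules", "__pycache__"}  # assumed skip list

def normalize(name):  # PEP 503 normalization: 'Py_YAML' and 'py-yaml' are one package
    return re.sub(r"[-_.]+", "-", name).lower()

def inventory(root):
    """Return (venv_paths, packages); packages are (name, version, location) tuples."""
    venvs, packages = set(), set()
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        here = Path(dirpath)
        if "pyvenv.cfg" in filenames:  # marker file written by venv/virtualenv
            venvs.add(str(here))
        for d in dirnames:
            if (m := DIST_INFO.match(d)):
                packages.add((normalize(m["name"]), m["version"], str(here / d)))
        for f in filenames:
            if not re.fullmatch(r"requirements.*\.txt", f):
                continue
            try:
                text = (here / f).read_text(encoding="utf-8", errors="replace")
            except OSError:  # unreadable file: skip it and keep scanning
                continue
            for line in text.splitlines():
                if (m := REQ_LINE.match(line)):
                    packages.add((normalize(m[1]), m[2], str(here / f)))
    return sorted(venvs), sorted(packages)

def build_sample_tree(base):
    """Constructed sample layout: one project with a venv and a requirements file."""
    proj = Path(base) / "proj"
    site = proj / ".venv" / "lib" / "python3.11" / "site-packages"
    (site / "Requests-2.19.0.dist-info").mkdir(parents=True)
    (proj / ".venv" / "pyvenv.cfg").write_text("home = /usr/bin\n")
    (proj / "requirements.txt").write_text("flask==0.12.2\njinja2>=2.10\nPy_YAML == 5.1  # pin\n")
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(*inventory(build_sample_tree(tmp))[1], sep="\n")
```

An inventory like this only lists what is installed and where; matching the entries against vulnerability and malicious-package data is the part the scan itself performs.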
If the safety system-scan command is not found, or your Safety version is lower than 3.0, install Safety version 3 before continuing.
Please note that the new safety scan command is currently in beta. At this time, safety check is still supported but will be phased out in the coming months as we transition fully to safety scan.