Viewing Scan Results

How to view and understand scan results in the Safety CLI

CLI Screen Output

When a safety scan is run, output will be displayed in the Terminal window. This output is split into the following sections:
  1. Scan Details:
    • Version of Safety installed
    • Project repository being scanned
    • Account details of the user performing the scan
    • Confirmation that Python has been detected and the number of requirements files detected in the current location.
  2. Dependency Vulnerabilities Detected
    • Safety provides details on all dependencies detected during the scan, the number of vulnerabilities present in each, and detailed data about those vulnerabilities, including the Vulnerability ID and relevant CVE IDs.
Safety CLI output showing vulnerabilities detected in a requirements file.
  3. Recommendations
    • For each vulnerability that has been detected, Safety will recommend that the affected dependency be updated to a version in which the vulnerabilities have been fixed.
    • A URL is provided, which can be copied and pasted into your browser to review additional information on each dependency, the vulnerabilities detected, and versions with the fix applied.
Recommendations provided for each vulnerability detected in the previous step.
Example of detailed changelogs for a package detected in the original scan using the URL provided.

Safety Platform

In addition to viewing output in the Terminal, all scan results are pushed to Safety Platform. Full details on how to view, interpret, and act upon Safety Platform information will be published as part of the Safety Platform documentation.