Quick Start Guide
Last updated
Last updated
Running your first scan using Safety CLI takes less than a minute and can be performed via our Command Line Interface or through the GitHub Action . Below we detail 1. Installation, 2. Authentication, and 3. Running your first scan.
To learn more about upgrading from Safety 2.x to Safety CLI please check out our Migration guide.
Begin by installing Safety on your development machine.
Open your Terminal
Run the following command to install:
1. Once installed, try to run your first scan using the following command:
2. If you are already logged in, Safety will perform the scan. If you are not already authenticated, Safety CLI will prompt you to create an account or log in using existing credentials.
In both cases, a browser window will open with clear instructions on how to log in or create a new account. Once logged in, Safety CLI will show that you are authenticated and can proceed with the next step.
You will be unable to perform vulnerability scans unless you are authenticated. Create an account and access your free trial here. If you require assistance, please email support@safetycli.com.
To check your authentication status, you can run safety auth
at any time.
Using the Terminal, navigate to a project, e.g. cd my/project/
. (This root folder would normally contain files such as composer.lock
, requirements.txt
, READMEs
, Pipfile.lock
, pyproject.toml
, .gitignores
etc.)
Run the safety scan
command.
Safety will now perform a scan of the current project directory, detecting all Python installations and requirements files. The output of the scan will be presented in the Terminal window.
Performing scans across entire development machines and in CI/CD
Detailed documentation on how to integrate Safety with other tools, perform system-wide scans, and more are available via the links to the left.
For users who prefer a more interactive environment, we also provide a Jupyter Notebook Quickstart guide. This notebook offers step-by-step instructions for running Safety CLI within a Jupyter environment, making it easier to explore the functionality and perform your first scan in a familiar interface.
You can access the quickstart notebook here: Jupyter Notebook Quickstart.
The following are the most commonly used commands. A full glossary of available commands can be found here.
safety --help
accesses Help and displays all available commands, utility commands, and options.
safety auth
starts the authentication flow if not logged in and displays authentication status if logged in.
safety scan
performs a vulnerability scan in the current directory.
safety system-scan
performs a vulnerability scan across the entire development machine.
safety scan --apply-fixes
performs a scan and automatically updates vulnerable dependencies to the next secure version.
Enterprise Customers:
Your organization may require installation to be performed via approved software bundles.
If your organization leverages SAML-based authentication, you will be prompted to enter your corporate login credentials at the authentication stage.
If you are unsure whether your organization uses either of these options, please contact your administrator or email support@safetycli.com.
The quickest way to test Safety CLI in CI/CD is by using our GitHub Action, new in Safety CLI 3. Full documentation on the GitHub Action is available here:
If you require assistance, please email support@safetycli.com.