Simplesecurity

Latest version: v2023.0.2

Page 2 of 4

2021.2

- Added `--zero/-0` flag to return non-zero exit code if any security vulnerabilities are found

2021.1.1

- Tweak safety plugin so it reads from the local requirements file if possible

2021.1

- Fix `_doSafetyProcessing` findings/evidence
- Update semgrep rules 2021/01/19 e74345b https://github.com/returntocorp/semgrep-rules/tree/e74345bda4b1e080a7c72d383d06f1d110dedbce

2021 - 2021/01/04

- Bandit broke things! Now fixed

2020.5.0

- Added sarif format https://sarifweb.azurewebsites.net/

2020.4.1

- Bugfixes with deduplication and erroneous print

2020.4

- Add PyGraudit https://github.com/FHPythonUtils/PyGraudit
  - Pretty fast
  - Not particularly accurate - lots of false negatives
- semgrep https://github.com/returntocorp/semgrep
  - Pretty slow (looking at 30s to run 110 tests)
  - Pretty good (probably on par with bandit)
- Added `--fast/--skip` to skip past slow plugins when running all plugins
  - This will skip `semgrep` (saving 30s of 35s in tests)
  - This will run a less reliable instance of `dodgy` (saving 3s of 5s in tests)
  - ...so runtime is taken down from around 35s to 2s
- Using semgrep rules 2020/10/16 52d7424 https://github.com/returntocorp/semgrep-rules/commit/52d74240dd3ece8d54a626aae89cb13af4b4d224
