Check your security vulnerabilities with safety

The database is only updated once a month, but it is a useful check nonetheless.

Alex Strick van Linschoten


November 27, 2021

safety is a tiny tool that checks your package’s dependencies for security vulnerabilities. It is free to use for open-source projects, and using it is as a pip install safety followed by safety check.

It checks a database of known security vulnerabilities. This database is only updated once every month, but if you are not open-source or you need access to the more frequently-updated database, then you can subscribe via pyup.

With that caveat, it’s not perfect, but it’s better than nothing. An easy CI win for open-source projects.

[I first learned of this tool here. Many thanks to calmcode for continuing to make these really useful videos.]