Skip to content

Lucas-C/pre-commit-hooks-safety

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
1 branch 22 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github/workflows
Fixing tests & GitHub Actions pipeline
January 4, 2023 10:50
pre_commit_hooks
Ensuring compatibility with latest safety version (WIP)
January 4, 2023 00:15
tests
Fixing tests & GitHub Actions pipeline
January 4, 2023 10:50
.gitignore
Ensuring compatibility with latest safety version (WIP)
January 4, 2023 00:15
.pre-commit-config.yaml
Release v1.3.1
January 4, 2023 10:55
.pre-commit-hooks.yaml
Release v1.3.0
July 1, 2022 15:51
.pylintrc
Release v1.3.0
July 1, 2022 15:51
CHANGELOG.md
Release v1.3.1
January 4, 2023 10:55
LICENSE
Create LICENSE
April 27, 2019 21:42
README.md
Release v1.3.1
January 4, 2023 10:55
dev-requirements.txt
Initial version
November 7, 2016 14:07
pytest.ini
Ensuring compatibility with latest safety version (WIP)
January 4, 2023 00:15
renovate.json
Add renovate.json
November 2, 2021 14:53
setup.py
Release v1.3.1
January 4, 2023 10:55
Usage How to Use Arguments Alternative local hook Development Setup Releasing

README.md

build status

A pre-commit hook to check your Python dependencies against safety-db.

It checks all files containing requirements in their name in the repo.

Releases details: CHANGELOG.md

Note that telemetry data will be sent with every Safety call. These data are anonymous and not sensitive. This includes the Python version, the Safety command used (check/license/review), and the Safety options used (without their values). Users can disable this functionality by adding the --disable-telemetry flag.

Usage

-   repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.3.1
    hooks:
    -   id: python-safety-dependencies-check

How to Use Arguments

There are a few different arguements that this hook will accept.

The first is the files arguement. Simply put which file your dependancies are listed in.

-   repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.3.1
    hooks:
    -   id: python-safety-dependencies-check
        files: pyproject.toml

The next is the --ignore flag. This will ignore a comma seperated list of known security issues. For example

-   repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.3.1
    hooks:
    -   id: python-safety-dependencies-check
        args: ["--ignore=39153,39652"]

You can also select between --full-report and --short-report. By default safety will use the --full-report flag so you can omit it for cleaner code.

-   repo: https://github.com/Lucas-C/pre-commit-hooks-safety
    rev: v1.3.1
    hooks:
    -   id: python-safety-dependencies-check
        files: pyproject.toml
        args: ["--short-report"]

This will remove the extra detail about what vulnerability was fixed. This can be useful if multiple issues are found and you want to read through less text. Of course these can be used in any combination with each other as needed.

For more information look at the pre-commit documentation. There you can find some more thorough examples. You may for example want to use always_run: true in order to systematically run this hook, even when no dependency files have been modified.

Alternative local hook

You'll need to pip install safety beforehand:

-   repo: local
    hooks:
    -   id: python-safety-dependencies-check
        name: safety
        entry: safety
        args: [check, --full-report, --file]
        language: system
        files: requirements

Development

Setup

pip install -r dev-requirements.txt
pre-commit install

Releasing

  1. Bump version in this README.md file, setup.py, .pre-commit-config.yaml & CHANGELOG.md
  2. git commit -nam "Release $version" && git push && git tag $version && git push --tags
  3. Create a GitHub release

About

A pre-commit hook to check your Python dependencies against safety-db

Topics

python security pre-commit git-hooks safety-db

Resources

Readme

License

MIT license

Stars

69 stars

Watchers

2 watching

Forks

15 forks

Releases 7

Compatibility with latest safety version (2.3.5) + ensured compatibility with Python 3.11 Latest
Jan 4, 2023
+ 6 releases

Packages

No packages published

Contributors 6

Languages