Skip to content

Safety scanner

πŸ€– AI-Generated Content

This documentation was generated with AI assistance and is still being audited. Some, or potentially a lot, of this information may be inaccurate. Learn more.

provide.testkit.quality.security.safety_scanner

Safety dependency vulnerability scanner implementation.

Classes

SafetyScanner 

SafetyScanner(config: dict[str, Any] | None = None)

Dependency vulnerability scanner using Safety.

Scans Python dependencies against the PyUp Safety database for known security vulnerabilities.

Initialize safety scanner.

Parameters:

Name Type Description Default
config dict[str, Any] | None

Scanner configuration options. If "policy_file" is not specified, will auto-detect .provide/security/safety-policy.yml if it exists.

 None
Source code in provide/testkit/quality/security/safety_scanner.py 
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
def __init__(self, config: dict[str, Any] | None = None) -> None:
    """Initialize safety scanner.

    Args:
        config: Scanner configuration options. If "policy_file" is not specified,
                will auto-detect .provide/security/safety-policy.yml if it exists.
    """
    if not SAFETY_AVAILABLE:
        raise QualityToolError(
            "Safety not available. Install with: pip install safety",
            tool="safety",
        )

    self.config = config or {}
    self.artifact_dir: Path | None = None

    # Auto-detect policy file if not explicitly specified
    if "policy_file" not in self.config:
        default_config = self._get_default_config_path()
        if default_config:
            self.config["policy_file"] = default_config
Functions
analyze 
analyze(path: Path, **kwargs: Any) -> QualityResult

Run safety analysis on the given path.

Parameters:

Name Type Description Default
path Path

Path to analyze (directory with requirements or pyproject.toml)

 required
**kwargs Any

Additional options including artifact_dir

 {}

Returns:

Type Description
QualityResult

QualityResult with vulnerability analysis data
Source code in provide/testkit/quality/security/safety_scanner.py 
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
def analyze(self, path: Path, **kwargs: Any) -> QualityResult:
    """Run safety analysis on the given path.

    Args:
        path: Path to analyze (directory with requirements or pyproject.toml)
        **kwargs: Additional options including artifact_dir

    Returns:
        QualityResult with vulnerability analysis data
    """
    self.artifact_dir = kwargs.get("artifact_dir", Path(".provide/output/security"))
    start_time = time.time()

    try:
        result = self._run_safety_scan(path)
        result.execution_time = time.time() - start_time
        self._generate_artifacts(result)
        return result

    except Exception as e:
        return QualityResult(
            tool="safety",
            passed=False,
            details={"error": str(e), "error_type": type(e).__name__},
            execution_time=time.time() - start_time,
        )
report 
report(
    result: QualityResult, format: str = "terminal"
) -> str

Generate report from QualityResult.

Source code in provide/testkit/quality/security/safety_scanner.py 
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
def report(self, result: QualityResult, format: str = "terminal") -> str:
    """Generate report from QualityResult."""
    if format == "terminal":
        return self._generate_text_report(result)
    elif format == "json":
        return json.dumps(
            {
                "tool": result.tool,
                "passed": result.passed,
                "score": result.score,
                "details": result.details,
            },
            indent=2,
        )
    else:
        return str(result.details)

Functions