diff --git a/docs/.ipynb_checkpoints/Safety-CLI-Quickstart-checkpoint.ipynb b/docs/.ipynb_checkpoints/Safety-CLI-Quickstart-checkpoint.ipynb new file mode 100644 index 00000000..363fcab7 --- /dev/null +++ b/docs/.ipynb_checkpoints/Safety-CLI-Quickstart-checkpoint.ipynb @@ -0,0 +1,6 @@ +{ + "cells": [], + "metadata": {}, + "nbformat": 4, + "nbformat_minor": 5 +} diff --git a/docs/Safety-CLI-Quickstart.ipynb b/docs/Safety-CLI-Quickstart.ipynb new file mode 100644 index 00000000..f32ad937 --- /dev/null +++ b/docs/Safety-CLI-Quickstart.ipynb @@ -0,0 +1,141 @@ +{ + "cells": [ + { + "cell_type": "markdown", + "id": "f24e2363", + "metadata": {}, + "source": [ + "[![safety](https://cdn.safetycli.com/images/cli_readme_header.png)](https://docs.safetycli.com/)" + ] + }, + { + "cell_type": "markdown", + "id": "b4f4e8ff", + "metadata": {}, + "source": [ + "# Safety CLI Quickstart Guide\n", + "\n", + "## Introduction\n", + "Safety CLI is a Python dependency vulnerability scanner designed to enhance software supply chain security by detecting packages with known vulnerabilities and malicious packages in local development environments, CI/CD, and production systems. Safety CLI can be deployed in minutes and provides clear, actionable recommendations for remediation of detected vulnerabilities.\n", + "\n", + "Leveraging the industry's most comprehensive database of vulnerabilities and malicious packages, Safety CLI Scanner allows teams to detect vulnerabilities at every stage of the software development lifecycle.\n", + "\n", + "\n", + "## Installation\n", + "To install Safety, run the following command (please ignore the `%%capture` text, this is just to suppress jupyter notebook output):\n" + ] + }, + { + "cell_type": "code", + "execution_count": 4, + "id": "227ab8d1", + "metadata": {}, + "outputs": [], + "source": [ + "%%capture\n", + "!pip install safety" + ] + }, + { + "cell_type": "code", + "execution_count": 11, + "id": "8493f5de", + "metadata": {}, + "outputs": [ + { + "name": "stdout", + "output_type": "stream", + "text": [ + "\u001b[1mSafety\u001b[0m 3.2.5 scanning /safety/docs\n", + "2024-09-05 21:34:45 UTC\n", + "\n", + "\u001b[1;39;49mAccount\u001b[0m: [Your Name], your.email@example.com \n", + "\u001b[1;39;49m Git branch\u001b[0m: feature/demo-notebook\n", + "\u001b[1;39;49m Environment\u001b[0m: Stage.development\n", + "\u001b[1;39;49m Scan policy\u001b[0m: None, using Safety CLI default policies\n", + "\n", + "\u001b[2K\u001b[32m[ ]\u001b[0m Fetching Safety's vulnerability database.....\n", + "\u001b[1A\u001b[2K\u001b[?25lPython detected. Found 1 Python requirement file\n", + "\u001b[2K\u001b[32m[ ]\u001b[0m Scanning project directory\n", + "\u001b[2K\u001b[32m[== ]\u001b[0m Analyzing python files and environments for security findingsy findings\n", + "\u001b[2KDependency vulnerabilities detected:nd environments for security findings\n", + "\u001b[2Km[= ]\u001b[0m Analyzing python files and environments for security findings\n", + "\u001b[2KšŸ“ \u001b[1;39;49mdemo_requirements.txt:\u001b[0menvironments for security findings\n", + "\u001b[2Km[= ]\u001b[0m Analyzing python files and environments for security findings\n", + "\u001b[2K \u001b[1;33;49minsecure-\u001b[0m\u001b[1;33;49mpackage\u001b[0m\u001b[1;36;49m==\u001b[0m\u001b[1;36;49m0.1\u001b[0m [1 vulnerability found] \n", + "\u001b[2K -> Vuln ID \u001b[1;39;49m58758\u001b[0m: \n", + "\u001b[2K Insecure-package 0.2.0 test vuln. \n", + "\u001b[2K No known fix for \u001b[1;33;49minsecure-\u001b[0m\u001b[1;33;49mpackage\u001b[0m\u001b[1;36;49m==\u001b[0m\u001b[1;36;49m0.1\u001b[0m to fix \u001b[1;36;49m1\u001b[0m vulnerability \n", + "\u001b[2K Learn more: \u001b[4;94;49mhttps://data.safetycli.com/p/pypi/insecure-package/eda/?\u001b[0m\u001b[4;94;49mfrom\u001b[0m\u001b[4;94;49m=\u001b[0m\u001b[4;94;49m0\u001b[0m\u001b[4;94;49m.1\u001b[0m \n", + "\u001b[2K\u001b[32m[= ]\u001b[0m Analyzing python files and environments for security findings\n", + "\u001b[1A\u001b[2K\n", + "--------------------------------------------------------------------------------\n", + "Apply Fixes\n", + "--------------------------------------------------------------------------------\n", + "\n", + "\u001b[32mRun `safety scan --apply-fixes`\u001b[0m to update these packages and fix these \n", + "vulnerabilities. Documentation, limitations, and configurations for applying \n", + "automated fixes: \n", + "\u001b[4;94;49mhttps://docs.safetycli.com/safety-docs/vulnerability-remediation/applying-fixes\u001b[0m\n", + "\n", + "Alternatively, use your package manager to update packages to their secure \n", + "versions. Always check for breaking changes when updating packages.\n", + "\u001b[1;39;49mTip\u001b[0m: For more detailed output on each vulnerability, add the `--detailed-output`\n", + "flag to safety scan.\n", + "\n", + "--------------------------------------------------------------------------------\n", + "\n", + "Tested \u001b[1;36;49m1\u001b[0m dependency for known security issues using default Safety CLI policies\n", + "\u001b[1;36;49m1\u001b[0m security issue found, \u001b[1;36;49m0\u001b[0m fixes suggested\n", + "\u001b[?25l\u001b[32m[ ]\u001b[0m Processing report\n", + "\u001b[1A\u001b[2K\u001b[?25l\n", + "\u001b[2K\u001b[32m[ ]\u001b[0m Processing report\n", + "\u001b[1A\u001b[2K" + ] + } + ], + "source": [ + "import os\n", + "\n", + "# Add demo_requirements.txt file with an insecure package\n", + "with open(\"demo_requirements.txt\", \"w\") as file:\n", + " file.write(\"insecure-package==0.1\\n\")\n", + "\n", + "# Run the safety scan command directly\n", + "!safety scan \n", + "\n", + "# Clean up by removing the demo_requirements.txt file\n", + "os.remove(\"demo_requirements.txt\")" + ] + }, + { + "cell_type": "code", + "execution_count": null, + "id": "6b354cb6", + "metadata": {}, + "outputs": [], + "source": [] + } + ], + "metadata": { + "kernelspec": { + "display_name": "Python 3 (ipykernel)", + "language": "python", + "name": "python3" + }, + "language_info": { + "codemirror_mode": { + "name": "ipython", + "version": 3 + }, + "file_extension": ".py", + "mimetype": "text/x-python", + "name": "python", + "nbconvert_exporter": "python", + "pygments_lexer": "ipython3", + "version": "3.11.2" + } + }, + "nbformat": 4, + "nbformat_minor": 5 +}