diff --git a/README.md b/README.md
index 92e18660cbf109166896736258197f3c33dace43..e9044eeb42f65475701a7cff7e147934beacd644 100644
--- a/README.md
+++ b/README.md
@@ -230,17 +230,6 @@ In addition to a textual report in the console, this job produces the following
 | `$PYTHON_PROJECT_DIR/reports/py-bandit.bandit.csv` | [CSV](https://bandit.readthedocs.io/en/latest/formatters/csv.html) | [SonarQube integration](https://docs.sonarqube.org/latest/analysis/external-issues/)<br/>_This report is generated only if SonarQube template is detected_ |
 | `$PYTHON_PROJECT_DIR/reports/py-bandit.bandit.json` | [JSON](https://bandit.readthedocs.io/en/latest/formatters/json.html) | [DefectDojo integration](https://defectdojo.github.io/django-DefectDojo/integrations/parsers/#bandit)<br/>_This report is generated only if DefectDojo template is detected_ |
 
-### `py-safety` job (dependency check)
-
-This job is **disabled by default** and performs a dependency check analysis using [Safety](https://pypi.org/project/safety/).
-
-It is bound to the `test` stage, and uses the following variables:
-
-| Input / Variable | Description | Default value |
-| ---------------- | ----------------------------------------------------------------------- | ----------------- |
-| `safety-enabled` / `SAFETY_ENABLED` | Set to `true` to enable Safety job | _none_ (disabled) |
-| `safety-args` / `SAFETY_ARGS` | Additional [Safety CLI options](https://github.com/pyupio/safety#usage) | `--full-report` |
-
 ### `py-trivy` job (dependency check)
 
 This job is **disabled by default** and performs a dependency check analysis using [Trivy](https://github.com/aquasecurity/trivy/).
diff --git a/kicker.json b/kicker.json
index 50b76720a272b55ba1584312d2fc9ffbe90fdcca..dca014e3a94236dde60fe0dcfd74127e73565f18 100644
--- a/kicker.json
+++ b/kicker.json
@@ -128,20 +128,6 @@
 }
 ]
 },
- {
- "id": "safety",
- "name": "Safety",
- "description": "Detect security vulnerabilities with [Safety](https://pypi.org/project/safety/) (dependencies analysis)",
- "enable_with": "SAFETY_ENABLED",
- "variables": [
- {
- "name": "SAFETY_ARGS",
- "description": "Additional [Safety CLI options](https://github.com/pyupio/safety#usage)",
- "default": "--full-report",
- "advanced": true
- }
- ]
- },
 {
 "id": "trivy",
 "name": "Trivy",
diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml
index 62d42ae57f6374f44c6c99ae98819c06851ffcb6..5853c642ace0660308a5fe1bec8a7c47b3ecd16e 100644
--- a/templates/gitlab-ci-python.yml
+++ b/templates/gitlab-ci-python.yml
@@ -96,13 +96,6 @@ spec:
 bandit-args:
 description: Additional [Bandit CLI options](https://github.com/PyCQA/bandit#usage)
 default: --recursive .
- safety-enabled:
- description: Enable Safety
- type: boolean
- default: false
- safety-args:
- description: Additional [Safety CLI options](https://github.com/pyupio/safety#usage)
- default: --full-report
 trivy-enabled:
 description: Enable Trivy
 type: boolean
@@ -228,9 +221,6 @@ variables:
 BANDIT_ARGS: $[[ inputs.bandit-args ]]
 
- # Safety tool
- SAFETY_ARGS: $[[ inputs.safety-args ]]
-
 # Trivy tool
 PYTHON_TRIVY_ENABLED: $[[ inputs.trivy-enabled ]]
 PYTHON_TRIVY_IMAGE: $[[ inputs.trivy-image ]]
@@ -267,7 +257,6 @@ variables:
 NOSETESTS_ENABLED: $[[ inputs.nosetests-enabled ]]
 BANDIT_ENABLED: $[[ inputs.bandit-enabled ]]
- SAFETY_ENABLED: $[[ inputs.safety-enabled ]]
 PYTHON_SBOM_DISABLED: $[[ inputs.sbom-disabled ]]
 PYTHON_RELEASE_ENABLED: $[[ inputs.release-enabled ]]
@@ -997,23 +986,6 @@ py-bandit:
 when: never
 - !reference [.test-policy, rules]
 
-# Safety (dependency check)
-py-safety:
- extends: .python-base
- stage: test
- # force no dependencies
- dependencies: []
- script:
- - mkdir -p -m 777 reports
- - install_requirements
- - _pip install safety
- - _pip freeze | _run safety check --stdin ${SAFETY_ARGS}
- rules:
- # exclude if $SAFETY_ENABLED not set
- - if: '$SAFETY_ENABLED != "true"'
- when: never
- - !reference [.test-policy, rules]
-
 # Trivy (dependency check)
 py-trivy:
 extends: .python-base