BasiliskScan - CLI for scanning projects and listing vulnerable or outdated dependencies.
Project description
BasiliskScan 🔍
Advanced CLI for comprehensive dependency and vulnerability analysis in software projects
🇧🇷 Prefer Portuguese? See README.pt-BR.md.
Overview
BasiliskScan is a command-line tool that scans projects, identifies dependencies, checks vulnerability sources, and generates rich HTML reports.
Key Features
- Recursive dependency discovery across supported manifests
- Vulnerability ingestion from OSV, NVD, and Sonatype Guide
- Offline vulnerability database mode
- Rich terminal UI with progress and status feedback
- Interactive HTML report output
Supported Files
- Node.js / Ionic: package.json, package-lock.json, npm-shrinkwrap.json
- Java: pom.xml, build.xml, build.gradle, build.gradle.kts, gradle.lockfile
Installation
Requirements
- Python 3.10 or newer
- pip
Install from PyPI
pip install basiliskscan
Verify Installation
bscan --version
bscan --help
Development Installation
git clone https://github.com/PuertA/basiliskscan.git
cd basiliskscan
pip install -e .
Quick Usage
# Scan current directory
bscan scan
# Scan a specific project
bscan scan --project ./my-app
# Save report with custom name
bscan scan --project ./my-app --output my-report.html
Offline Vulnerability Database
- Default DB path: resources/offline/offline_vulnerabilities.db
- Optional override: BASILISKSCAN_OFFLINE_DB_DIR
# Show local DB status
bscan offline-db --status
# Sync expired components
bscan offline-db --sync
# Force full sync
bscan offline-db --sync --force
# Scan using local data only
bscan scan --offline
Optional Configuration
Create a .env file in the directory where you run bscan:
NVD_API_KEY=your-nvd-api-key
Commands Reference
bscan scan --help
bscan nvd-key --help
bscan nvd-register-guide
bscan sonatype-guide-key --help
bscan offline-db --help
Project Version Updates
python scripts/bump_version.py patch
python scripts/bump_version.py minor
python scripts/bump_version.py major
python scripts/bump_version.py set 1.2.3
License
This project is licensed under the MIT License. See LICENSE.
Contact
- Issues: https://github.com/PuertA/basiliskscan/issues
- Discussions: https://github.com/PuertA/basiliskscan/discussions
Built with ❤️ for the developer community.
Download files
File details
Details for the file basiliskscan-1.5.1.tar.gz.
File metadata
- Download URL: basiliskscan-1.5.1.tar.gz
- Upload date:
- Size: 108.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 7aa294cae431f1e493b884b15f7329fcbcd347c48c03e09f4f1fe8ecf655146e |
| MD5 | 9a41f2387eaedd9f9e2c5f4ffcef3eb9 |
| BLAKE2b-256 | 8d82c9721f9dcb1a80b3deca4268acfb94b7c52d3ddba4c996f921eb76b952c3 |
File details
Details for the file basiliskscan-1.5.1-py3-none-any.whl.
File metadata
- Download URL: basiliskscan-1.5.1-py3-none-any.whl
- Upload date:
- Size: 106.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.3
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | ead2b190b39eedd108e45667305621248a684a9cbd7a779ae4704a09adbee1a5 |
| MD5 | 9a7059c581914d6ca27730a397edad95 |
| BLAKE2b-256 | 6791a5dd8d43502b2a548f7bba8b792890b5e7fc8a49182693d5110a9f53dfd9 |
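Added example (not part of the BasiliskScan project or of this page's original content): a Python check that a downloaded 1.5.1 release file matches the SHA256 and BLAKE2b-256 digests listed on this page before it is installed. The function names and the `PINS` table are assumptions made for this example; the digests are copied from the File hashes tables.

```python
import hashlib
import hmac
import sys
from pathlib import Path

# Digests copied from the "File hashes" tables on this page (release 1.5.1).
PINS = {
    "basiliskscan-1.5.1.tar.gz": {
        "sha256": "7aa294cae431f1e493b884b15f7329fcbcd347c48c03e09f4f1fe8ecf655146e",
        "blake2b_256": "8d82c9721f9dcb1a80b3deca4268acfb94b7c52d3ddba4c996f921eb76b952c3",
    },
    "basiliskscan-1.5.1-py3-none-any.whl": {
        "sha256": "ead2b190b39eedd108e45667305621248a684a9cbd7a779ae4704a09adbee1a5",
        "blake2b_256": "6791a5dd8d43502b2a548f7bba8b792890b5e7fc8a49182693d5110a9f53dfd9",
    },
}


def file_digests(path, chunk_size=1 << 16):
    """Stream the file once and return its SHA256 and BLAKE2b-256 hex digests."""
    sha = hashlib.sha256()
    b2 = hashlib.blake2b(digest_size=32)  # PyPI's BLAKE2b-256: BLAKE2b, 32-byte digest
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            sha.update(chunk)
            b2.update(chunk)
    return {"sha256": sha.hexdigest(), "blake2b_256": b2.hexdigest()}


def verify_artifact(path, pins=PINS):
    """Return 'ok', 'mismatch', 'unpinned' or 'missing' for one downloaded file."""
    path = Path(path)
    expected = pins.get(path.name)
    if expected is None:
        return "unpinned"  # no digest on record for this file name: do not trust it
    if not path.is_file():
        return "missing"
    actual = file_digests(path)
    # Every pinned algorithm must match; MD5 is deliberately left out of the check.
    ok = all(hmac.compare_digest(actual[alg], digest.lower())
             for alg, digest in expected.items())
    return "ok" if ok else "mismatch"


if __name__ == "__main__":
    results = {p: verify_artifact(p) for p in sys.argv[1:]}
    for p, status in results.items():
        print(f"{status:9} {p}")
    # Non-zero exit unless every file given on the command line verified.
    sys.exit(0 if results and all(s == "ok" for s in results.values()) else 1)
```

A match shows the bytes are the ones this page lists; it does not show who built them, and the page reports that neither file was uploaded using Trusted Publishing.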