Security baseline for your project. One command, you're set.
Project description
Bootsec
Security baseline for your project. One command, you're set.
Fast — under 60 seconds. No network calls.
Quick Start
pip install bootsec
bootsec go
That's it. You now have:
.gitignorethat blocks secretsSECURITY.mdfor vulnerability reportsdocs/security-checklist.mdpre-launch checklist.pre-commit-config.yamlcommit guard
Commands
| Command | Description |
|---|---|
bootsec go |
Full setup: docs + commit guard |
bootsec guard |
Block commits with issues (pre-commit, <1s) |
bootsec peek |
Preview what go would create |
bootsec review |
Preview coverage layers |
bootsec packs |
List all available packs |
Flags
| Flag | Description |
|---|---|
--full |
Allow extra packs beyond auto-selection |
--ci |
Include GitHub Actions security workflow |
Examples
# Basic setup
bootsec go
# Setup with GitHub Actions
bootsec go --ci
# Preview changes without writing
bootsec peek
How It Works
- Auto-detect — Scans your repo and picks relevant packs (Node, Python, Flutter, etc.)
- Generate — Creates baseline docs tailored to your stack
- Guard — Installs pre-commit hooks that block obvious mistakes
- Merge-first — Never overwrites your existing config
What Gets Generated
| File | Purpose |
|---|---|
.gitignore |
Blocks secrets, build artifacts |
.env.example |
Environment template |
SECURITY.md |
Vulnerability reporting |
docs/security-checklist.md |
Pre-launch checklist |
.pre-commit-config.yaml |
Commit guard |
Packs
Auto-selected based on your stack:
- Core — Always on (MFA, secrets, logging, backups)
- Baseline — Regional defaults
- Platform — API, web, mobile, CLI, SaaS
- Data — Payments, health, PII
Design
- Merge, don't overwrite
- No network calls
- No framework names in generated docs
- Pure Python, zero dependencies
🚀 Want More?
Bootsec Pro unlocks:
| Feature | Description |
|---|---|
bootsec check |
Deep security audit with score (0-100) |
bootsec scan |
Vulnerability detection via OSV |
bootsec deps |
Dependency audit (npm/pip/cargo/go/ruby/php) |
bootsec sbom |
Software Bill of Materials |
bootsec ai |
AI-powered fix suggestions |
85+ secret patterns • Docker/K8s checks • Supply chain security
→ Get Pro — $3.99/year
Requirements
- Python 3.10+
- Git (for
guard)
License
MIT
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file bootsec-0.8.0.tar.gz.
File metadata
- Download URL: bootsec-0.8.0.tar.gz
- Upload date:
- Size: 31.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
e2eaa31d00bced1a36e77b13b724de0e432ed75b5856c1474a3e8745aeb50830
|
|
| MD5 |
b695df728c18371776acd465d3c1aa98
|
|
| BLAKE2b-256 |
504673e15a05c029636f6f21b40964fe12b2d3e857d148f3df9b5796eaf7e642
|
File details
Details for the file bootsec-0.8.0-py3-none-any.whl.
File metadata
- Download URL: bootsec-0.8.0-py3-none-any.whl
- Upload date:
- Size: 52.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.6
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
31362691ad91b768724991cb35f45c54af873e47f2cf69dcfa7b5995d8dd77b2
|
|
| MD5 |
1076ac4cebed18dbbbc8cd4503d06ef8
|
|
| BLAKE2b-256 |
3b77a56f646f03c87f1122c099ba5f09bad97e436a81f0c1de2af20733ef2f57
|
