Skip to main content

One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.

Project description

OSSGuard — Python Implementation

The reference Python implementation of OSSGuard.

CI PyPI License: Apache-2.0 Python 3.9+

For full documentation, all install methods, and command examples, see the main ossguard repo.

Install

pip install ossguard

# Or with pipx (isolated install)
pipx install ossguard

Quick Start

ossguard scan .       # Quick security posture check
ossguard audit .      # Full security audit
ossguard init .       # Bootstrap all OpenSSF configs
ossguard baseline .   # OSPS Baseline compliance

Features

This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).

  • 27 commands covering the full OpenSSF security lifecycle
  • Rich terminal UI with tables, panels, and progress indicators
  • Auto-detection of languages, package managers, and frameworks
  • Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx

For the complete command reference and real-world output examples, see the main ossguard README.

Other Implementations

Implementation Install Best for
ossguard-go brew install kirankotari/tap/ossguard CI pipelines, single binary
ossguard-npm npx ossguard Node.js projects

Development

# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"

# Run tests (147 tests)
pytest

# Lint
ruff check src/ tests/

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

License

Apache-2.0 — see LICENSE for details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ossguard-0.1.3.tar.gz (96.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ossguard-0.1.3-py3-none-any.whl (102.0 kB view details)

Uploaded Python 3

File details

Details for the file ossguard-0.1.3.tar.gz.

File metadata

  • Download URL: ossguard-0.1.3.tar.gz
  • Upload date:
  • Size: 96.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3.tar.gz
Algorithm Hash digest
SHA256 fe39abc31522334863c185130324c09c05d99af570ab4a43db8586d2f50cfa41
MD5 24e8adccf4f8d785e9cf423865e64429
BLAKE2b-256 39ce4d8e522e0ed107ab493221bff03b967a133ebb88d8668bda42c251ecc70c

See more details on using hashes here.

Provenance

The following attestation bundles were made for ossguard-0.1.3.tar.gz:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ossguard-0.1.3-py3-none-any.whl.

File metadata

  • Download URL: ossguard-0.1.3-py3-none-any.whl
  • Upload date:
  • Size: 102.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3-py3-none-any.whl
Algorithm Hash digest
SHA256 8cfa832665d8eb6f4c93c1ee2c86940f93f295f2d4b553f8d7e55f2c273d6757
MD5 61113f2d6c988e9a69b11301599192d7
BLAKE2b-256 d9494b6009cc2e5e418eaa776b5f3b37ea8d1033800b3913c5af58e929d17078

See more details on using hashes here.

Provenance

The following attestation bundles were made for ossguard-0.1.3-py3-none-any.whl:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page