One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.

Project description

OSSGuard — Python Implementation

The reference Python implementation of OSSGuard.

For full documentation, all install methods, and command examples, see the main ossguard repo.

Install

pip install ossguard

# Or with pipx (isolated install)
pipx install ossguard

Quick Start

ossguard scan .       # Quick security posture check
ossguard audit .      # Full security audit
ossguard init .       # Bootstrap all OpenSSF configs
ossguard baseline .   # OSPS Baseline compliance

Features

This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).

  • 27 commands covering the full OpenSSF security lifecycle
  • Rich terminal UI with tables, panels, and progress indicators
  • Auto-detection of languages, package managers, and frameworks
  • Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx

For the complete command reference and real-world output examples, see the main ossguard README.

Other Implementations

| Implementation | Install | Best for |
|---|---|---|
| ossguard-go | brew install kirankotari/tap/ossguard | CI pipelines, single binary |
| ossguard-npm | npx ossguard | Node.js projects |

Development

# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"

# Run tests (147 tests)
pytest

# Lint
ruff check src/ tests/

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

License

Apache-2.0 — see LICENSE for details.

Download files

Source Distribution

ossguard-0.1.3a1.tar.gz (96.1 kB view details)

Uploaded Source

Built Distribution

ossguard-0.1.3a1-py3-none-any.whl (102.0 kB view details)

Uploaded Python 3

File details

Details for the file ossguard-0.1.3a1.tar.gz.

File metadata

  • Download URL: ossguard-0.1.3a1.tar.gz
  • Size: 96.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3a1.tar.gz
Algorithm Hash digest
SHA256 5a96c3591993dbe17a8e7cc12e3ccefbca2b597a292a2613d3869bee45ba30a5
MD5 8334c35ad26f08f31bc55e748894169d
BLAKE2b-256 e609bf5146db8bce729b77b944b9b6a661021fc5b654059b3f637cfa95b8bfc0

Provenance

The following attestation bundles were made for ossguard-0.1.3a1.tar.gz:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ossguard-0.1.3a1-py3-none-any.whl.

File metadata

  • Download URL: ossguard-0.1.3a1-py3-none-any.whl
  • Size: 102.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3a1-py3-none-any.whl
Algorithm Hash digest
SHA256 da5366bde589754e5c2a7c94232f243bbc74d68a584ca91768615ef57d3dc24c
MD5 1a17bcb1b954c90120c4ee483a85c6f5
BLAKE2b-256 13b7d365db906dd241c09a795ddd819ff74c402a1182734e0f55eff797e7b565

Provenance

The following attestation bundles were made for ossguard-0.1.3a1-py3-none-any.whl:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
