One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.
Project description
OSSGuard — Python Implementation
The reference Python implementation of OSSGuard.
For full documentation, all install methods, and command examples, see the main ossguard repo.
Install
pip install ossguard
# Or with pipx (isolated install)
pipx install ossguard
Quick Start
ossguard scan . # Quick security posture check
ossguard audit . # Full security audit
ossguard init . # Bootstrap all OpenSSF configs
ossguard baseline . # OSPS Baseline compliance
Features
This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).
- 27 commands covering the full OpenSSF security lifecycle
- Rich terminal UI with tables, panels, and progress indicators
- Auto-detection of languages, package managers, and frameworks
- Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx
For the complete command reference and real-world output examples, see the main ossguard README.
Other Implementations
| Implementation | Install | Best for |
|---|---|---|
| ossguard-go | brew install kirankotari/tap/ossguard |
CI pipelines, single binary |
| ossguard-npm | npx ossguard |
Node.js projects |
Development
# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"
# Run tests (147 tests)
pytest
# Lint
ruff check src/ tests/
Contributing
Contributions are welcome! Please see CONTRIBUTING.md for guidelines.
License
Apache-2.0 — see LICENSE for details.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file ossguard-0.1.3a1.tar.gz.
File metadata
- Download URL: ossguard-0.1.3a1.tar.gz
- Upload date:
- Size: 96.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
5a96c3591993dbe17a8e7cc12e3ccefbca2b597a292a2613d3869bee45ba30a5
|
|
| MD5 |
8334c35ad26f08f31bc55e748894169d
|
|
| BLAKE2b-256 |
e609bf5146db8bce729b77b944b9b6a661021fc5b654059b3f637cfa95b8bfc0
|
Provenance
The following attestation bundles were made for ossguard-0.1.3a1.tar.gz:
Publisher:
release.yml on kirankotari/ossguard-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ossguard-0.1.3a1.tar.gz -
Subject digest:
5a96c3591993dbe17a8e7cc12e3ccefbca2b597a292a2613d3869bee45ba30a5 - Sigstore transparency entry: 1486148812
- Sigstore integration time:
-
Permalink:
kirankotari/ossguard-python@05f30d21ce65019eb8f516fc0da24bf703cf892e -
Branch / Tag:
refs/tags/v0.1.3a1 - Owner: https://github.com/kirankotari
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@05f30d21ce65019eb8f516fc0da24bf703cf892e -
Trigger Event:
push
-
Statement type:
File details
Details for the file ossguard-0.1.3a1-py3-none-any.whl.
File metadata
- Download URL: ossguard-0.1.3a1-py3-none-any.whl
- Upload date:
- Size: 102.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
da5366bde589754e5c2a7c94232f243bbc74d68a584ca91768615ef57d3dc24c
|
|
| MD5 |
1a17bcb1b954c90120c4ee483a85c6f5
|
|
| BLAKE2b-256 |
13b7d365db906dd241c09a795ddd819ff74c402a1182734e0f55eff797e7b565
|
Provenance
The following attestation bundles were made for ossguard-0.1.3a1-py3-none-any.whl:
Publisher:
release.yml on kirankotari/ossguard-python
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
ossguard-0.1.3a1-py3-none-any.whl -
Subject digest:
da5366bde589754e5c2a7c94232f243bbc74d68a584ca91768615ef57d3dc24c - Sigstore transparency entry: 1486148856
- Sigstore integration time:
-
Permalink:
kirankotari/ossguard-python@05f30d21ce65019eb8f516fc0da24bf703cf892e -
Branch / Tag:
refs/tags/v0.1.3a1 - Owner: https://github.com/kirankotari
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
release.yml@05f30d21ce65019eb8f516fc0da24bf703cf892e -
Trigger Event:
push
-
Statement type: