One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.

Project description

OSSGuard — Python Implementation

The reference Python implementation of OSSGuard.

For full documentation, all install methods, and command examples, see the main ossguard repo.

Install

pip install ossguard

# Or with pipx (isolated install)
pipx install ossguard

Quick Start

ossguard scan .       # Quick security posture check
ossguard audit .      # Full security audit
ossguard init .       # Bootstrap all OpenSSF configs
ossguard baseline .   # OSPS Baseline compliance

Features

This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).

  • 27 commands covering the full OpenSSF security lifecycle
  • Rich terminal UI with tables, panels, and progress indicators
  • Auto-detection of languages, package managers, and frameworks
  • Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx

For the complete command reference and real-world output examples, see the main ossguard README.

Other Implementations

Implementation   Install                                  Best for
ossguard-go      brew install kirankotari/tap/ossguard    CI pipelines, single binary
ossguard-npm     npx ossguard                             Node.js projects

Development

# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"

# Run tests (147 tests)
pytest

# Lint
ruff check src/ tests/

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

License

Apache-2.0 — see LICENSE for details.

Download files

Source Distribution

ossguard-0.1.3a3.tar.gz (96.1 kB)

Uploaded Source

Built Distribution

ossguard-0.1.3a3-py3-none-any.whl (102.0 kB)

Uploaded Python 3

File details

Details for the file ossguard-0.1.3a3.tar.gz.

File metadata

  • Download URL: ossguard-0.1.3a3.tar.gz
  • Upload date:
  • Size: 96.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3a3.tar.gz
Algorithm Hash digest
SHA256 ff159361a47b2dc4386311f73721c813db16bb45e2795eda56b04765990430f4
MD5 f9990969c9af771fcb9bcf104ba8ef1b
BLAKE2b-256 70a7305306c9ba382a857de2a5398d9105e48e33295e14fedafacf0259f45c07

Provenance

The following attestation bundles were made for ossguard-0.1.3a3.tar.gz:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ossguard-0.1.3a3-py3-none-any.whl.

File metadata

  • Download URL: ossguard-0.1.3a3-py3-none-any.whl
  • Upload date:
  • Size: 102.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.3a3-py3-none-any.whl
Algorithm Hash digest
SHA256 f3aa88fa79bc8b28341cb6daf5f84d449626da1f3c694ab274999723860110bd
MD5 d0e9e929c362c408fd53e3c8fa40059f
BLAKE2b-256 846ba3877abd078c72656b99a7868f1eaecfac1bf90494e2c450196b5a40b260

Provenance

The following attestation bundles were made for ossguard-0.1.3a3-py3-none-any.whl:

Publisher: release.yml on kirankotari/ossguard-python
