Skip to main content

One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.

Project description

OSSGuard — Python Implementation

The reference Python implementation of OSSGuard.

CI PyPI License: Apache-2.0 Python 3.9+

For full documentation, all install methods, and command examples, see the main ossguard repo.

Install

pip install ossguard

# Or with pipx (isolated install)
pipx install ossguard

Quick Start

ossguard scan .       # Quick security posture check
ossguard audit .      # Full security audit
ossguard init .       # Bootstrap all OpenSSF configs
ossguard baseline .   # OSPS Baseline compliance

Features

This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).

  • 27 commands covering the full OpenSSF security lifecycle
  • Rich terminal UI with tables, panels, and progress indicators
  • Auto-detection of languages, package managers, and frameworks
  • Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx

For the complete command reference and real-world output examples, see the main ossguard README.

Other Implementations

Implementation Install Best for
ossguard-go brew install kirankotari/tap/ossguard CI pipelines, single binary
ossguard-npm npx ossguard Node.js projects

Development

# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"

# Run tests (147 tests)
pytest

# Lint
ruff check src/ tests/

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

License

Apache-2.0 — see LICENSE for details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

ossguard-0.1.4.tar.gz (96.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

ossguard-0.1.4-py3-none-any.whl (102.0 kB view details)

Uploaded Python 3

File details

Details for the file ossguard-0.1.4.tar.gz.

File metadata

  • Download URL: ossguard-0.1.4.tar.gz
  • Upload date:
  • Size: 96.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.4.tar.gz
Algorithm Hash digest
SHA256 66e343c31c9d5b080087376a6bcc61649cf100fb69d85e60a984db4014d84619
MD5 9ba4702a6892924fbe1bcca35ad189c4
BLAKE2b-256 32ea9c3697ed78f61f69f5b671ccb17d23cd6d25da680781743b974f79d4f4be

See more details on using hashes here.

Provenance

The following attestation bundles were made for ossguard-0.1.4.tar.gz:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ossguard-0.1.4-py3-none-any.whl.

File metadata

  • Download URL: ossguard-0.1.4-py3-none-any.whl
  • Upload date:
  • Size: 102.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 ceb4d4cab5525c0bd7321929777d7485ac06debca9b7c992dfb54239cac252e3
MD5 1f402ebba9a4f56ab1084dcd395412bf
BLAKE2b-256 9b423d4755ce15547d84f1dc490e0007aec5657922b94160243b76c45c1a1a28

See more details on using hashes here.

Provenance

The following attestation bundles were made for ossguard-0.1.4-py3-none-any.whl:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page