One-command CLI to guard any OSS project with OpenSSF security best practices — bootstrap, scan, and monitor.

Project description

OSSGuard — Python Implementation

The reference Python implementation of OSSGuard.

For full documentation, all install methods, and command examples, see the main ossguard repo.

Install

pip install ossguard

# Or with pipx (isolated install)
pipx install ossguard

Quick Start

ossguard scan .       # Quick security posture check
ossguard audit .      # Full security audit
ossguard init .       # Bootstrap all OpenSSF configs
ossguard baseline .   # OSPS Baseline compliance

Features

This is the reference implementation with the richest UI (Rich tables, colored panels, interactive prompts).

  • 27 commands covering the full OpenSSF security lifecycle
  • Rich terminal UI with tables, panels, and progress indicators
  • Auto-detection of languages, package managers, and frameworks
  • Python 3.9+ with dependencies: typer, rich, pyyaml, jinja2, questionary, httpx

For the complete command reference and real-world output examples, see the main ossguard README.

Other Implementations

| Implementation | Install | Best for |
|---|---|---|
| ossguard-go | brew install kirankotari/tap/ossguard | CI pipelines, single binary |
| ossguard-npm | npx ossguard | Node.js projects |

Development

# Clone and install
git clone https://github.com/kirankotari/ossguard-python.git
cd ossguard-python
pip install -e ".[dev]"

# Run tests (147 tests)
pytest

# Lint
ruff check src/ tests/

Contributing

Contributions are welcome! Please see CONTRIBUTING.md for guidelines.

License

Apache-2.0 — see LICENSE for details.

Download files

Source Distribution

ossguard-0.1.4a2.tar.gz (96.1 kB)

Uploaded Source

Built Distribution

ossguard-0.1.4a2-py3-none-any.whl (102.0 kB)

Uploaded Python 3

File details

Details for the file ossguard-0.1.4a2.tar.gz.

File metadata

  • Download URL: ossguard-0.1.4a2.tar.gz
  • Upload date:
  • Size: 96.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.4a2.tar.gz
Algorithm Hash digest
SHA256 7cbf96a546f47552d8f4ccee1ccbf8a28e799895b17ebab0eb0c4ff6fd1ade95
MD5 2894962710bb71f687b925ad9091f85e
BLAKE2b-256 25cf25e5385f7f9c2c17131848d347d9607517dafc452c668f08e8ddeeabf624

Provenance

The following attestation bundles were made for ossguard-0.1.4a2.tar.gz:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file ossguard-0.1.4a2-py3-none-any.whl.

File metadata

  • Download URL: ossguard-0.1.4a2-py3-none-any.whl
  • Upload date:
  • Size: 102.0 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for ossguard-0.1.4a2-py3-none-any.whl
Algorithm Hash digest
SHA256 4517116122def5ce2f0f01d85c89d367d34a401585f1d3ec3670ac07e233ec2b
MD5 67cd9ae7a391022d2b097cf56d7bead5
BLAKE2b-256 244a9c7fd7a2767d449d5e3556ef9636711675e2f0ed9d53a0bdc3f1418dbf68

Provenance

The following attestation bundles were made for ossguard-0.1.4a2-py3-none-any.whl:

Publisher: release.yml on kirankotari/ossguard-python

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.
