owasp-nest 0.1.0

OWASP Nest Python SDK

owasp-nest

Developer-friendly & type-safe Python SDK specifically catered to leverage owasp-nest API.

[!IMPORTANT] This SDK is not yet ready for production use. To complete setup please follow the steps outlined in your workspace. Delete this section before > publishing to a package manager.

Summary

OWASP Nest: Open Worldwide Application Security Project API

Table of Contents

• owasp-nest
  • SDK Installation
  • IDE Support
  • SDK Example Usage
  • Authentication
  • Available Resources and Operations
  • Retries
  • Error Handling
  • Server Selection
  • Custom HTTP Client
  • Resource Management
  • Debugging
• Development
  • Maturity
  • Contributions

SDK Installation

[!NOTE] Python version upgrade policy

Once a Python version reaches its official end of life date, a 3-month grace period is provided for users to upgrade. Following this grace period, the minimum python version supported in the SDK will be updated.

The SDK can be installed with uv, pip, or poetry package managers.

uv

uv is a fast Python package installer and resolver, designed as a drop-in replacement for pip and pip-tools. It's recommended for its speed and modern Python tooling capabilities.

uv add owasp-nest

PIP

PIP is the default package installer for Python, enabling easy installation and management of packages from PyPI via the command line.

pip install owasp-nest

Poetry

Poetry is a modern tool that simplifies dependency management and package publishing by using a single pyproject.toml file to handle project metadata and dependencies.

poetry add owasp-nest

Shell and script usage with uv

You can use this SDK in a Python shell with uv and the uvx command that comes with it like so:

uvx --from owasp-nest python

It's also possible to write a standalone Python script without needing to set up a whole project like so:

#!/usr/bin/env -S uv run --script
# /// script
# requires-python = ">=3.9"
# dependencies = [
#     "owasp-nest",
# ]
# ///

from owasp_nest import Nest

sdk = Nest(
  # SDK arguments
)

# Rest of script here...

Once that is saved to a file, you can run it with uv run script.py where script.py can be replaced with the actual file name.

IDE Support

PyCharm

Generally, the SDK will work well with most IDEs out of the box. However, when using PyCharm, you can enjoy much better integration with Pydantic by installing an additional plugin.

• PyCharm Pydantic Plugin

SDK Example Usage

Example

# Synchronous Example
from owasp_nest import Nest


with Nest(
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:

    res = nest.chapters.list_chapters(country="India", region="Asia", page=1)

    # Handle response
    print(res)

The same SDK client can also be used to make asynchronous requests by importing asyncio.

# Asynchronous Example
import asyncio
from owasp_nest import Nest

async def main():

    async with Nest(
        api_key_auth="<YOUR_API_KEY_HERE>",
    ) as nest:

        res = await nest.chapters.list_chapters_async(country="India", region="Asia", page=1)

        # Handle response
        print(res)

asyncio.run(main())

Authentication

Per-Client Security Schemes

This SDK supports the following security scheme globally:

Name	Type	Scheme
api_key_auth	apiKey	API key

To authenticate with the API the api_key_auth parameter must be set when initializing the SDK client instance. For example:

from owasp_nest import Nest


with Nest(
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:

    res = nest.chapters.list_chapters(country="India", region="Asia", page=1)

    # Handle response
    print(res)

Available Resources and Operations

Available methods

chapters

• list_chapters - List chapters
• get_chapter - Get chapter

committees

• list_committees - List committees

community

• list_members - List members
• get_member - Get member by login
• list_organizations - List organizations

events

• list_events - List events

issues

• list_issues - List issues

projects

• list_projects - List projects

releases

• list_releases - List releases

repositories

• list_repositories - List repositories

Retries

Some of the endpoints in this SDK support retries. If you use the SDK without any configuration, it will fall back to the default retry strategy provided by the API. However, the default retry strategy can be overridden on a per-operation basis, or across the entire SDK.

To change the default retry strategy for a single API call, simply provide a RetryConfig object to the call:

from owasp_nest import Nest
from owasp_nest.utils import BackoffStrategy, RetryConfig


with Nest(
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:

    res = nest.chapters.list_chapters(country="India", region="Asia", page=1,
        RetryConfig("backoff", BackoffStrategy(1, 50, 1.1, 100), False))

    # Handle response
    print(res)

If you'd like to override the default retry strategy for all operations that support retries, you can use the retry_config optional parameter when initializing the SDK:

from owasp_nest import Nest
from owasp_nest.utils import BackoffStrategy, RetryConfig


with Nest(
    retry_config=RetryConfig("backoff", BackoffStrategy(1, 50, 1.1, 100), False),
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:

    res = nest.chapters.list_chapters(country="India", region="Asia", page=1)

    # Handle response
    print(res)

Error Handling

NestAPIError is the base class for all HTTP error responses. It has the following properties:

Property	Type	Description
err.message	str	Error message
err.status_code	int	HTTP response status code eg 404
err.headers	httpx.Headers	HTTP response headers
err.body	str	HTTP body. Can be empty string if no body is returned.
err.raw_response	httpx.Response	Raw HTTP response
err.data		Optional. Some errors may contain structured data. See Error Classes.

Example

from owasp_nest import Nest, models


with Nest(
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:
    res = None
    try:

        res = nest.chapters.get_chapter(key="<key>")

        # Handle response
        print(res)


    except models.NestAPIError as e:
        # The base class for HTTP error responses
        print(e.message)
        print(e.status_code)
        print(e.body)
        print(e.headers)
        print(e.raw_response)

        # Depending on the method different errors may be thrown
        if isinstance(e, models.ChapterErrorResponse):
            print(e.data.message)  # str

Error Classes

Primary error:

• NestAPIError: The base class for HTTP error responses.

Less common errors (7)

Network errors:

• httpx.RequestError: Base class for request errors.
  • httpx.ConnectError: HTTP client was unable to make a request to a server.
  • httpx.TimeoutException: HTTP request timed out.

Inherit from NestAPIError:

• ChapterErrorResponse: Chapter error response schema. Status code 404. Applicable to 1 of 11 methods.*
• MemberErrorResponse: Member error response schema. Status code 404. Applicable to 1 of 11 methods.*
• ResponseValidationError: Type mismatch between the response data and the expected Pydantic model. Provides access to the Pydantic validation error via the cause attribute.

* Check the method documentation to see if the error is applicable.

Server Selection

Override Server URL Per-Client

The default server can be overridden globally by passing a URL to the server_url: str optional parameter when initializing the SDK client instance. For example:

from owasp_nest import Nest


with Nest(
    server_url="https://nest.owasp.org",
    api_key_auth="<YOUR_API_KEY_HERE>",
) as nest:

    res = nest.chapters.list_chapters(country="India", region="Asia", page=1)

    # Handle response
    print(res)

Custom HTTP Client

The Python SDK makes API calls using the httpx HTTP library. In order to provide a convenient way to configure timeouts, cookies, proxies, custom headers, and other low-level configuration, you can initialize the SDK client with your own HTTP client instance. Depending on whether you are using the sync or async version of the SDK, you can pass an instance of HttpClient or AsyncHttpClient respectively, which are Protocol's ensuring that the client has the necessary methods to make API calls. This allows you to wrap the client with your own custom logic, such as adding custom headers, logging, or error handling, or you can just pass an instance of httpx.Client or httpx.AsyncClient directly.

For example, you could specify a header for every request that this sdk makes as follows:

from owasp_nest import Nest
import httpx

http_client = httpx.Client(headers={"x-custom-header": "someValue"})
s = Nest(client=http_client)

or you could wrap the client with your own custom logic:

from owasp_nest import Nest
from owasp_nest.httpclient import AsyncHttpClient
import httpx

class CustomClient(AsyncHttpClient):
    client: AsyncHttpClient

    def __init__(self, client: AsyncHttpClient):
        self.client = client

    async def send(
        self,
        request: httpx.Request,
        *,
        stream: bool = False,
        auth: Union[
            httpx._types.AuthTypes, httpx._client.UseClientDefault, None
        ] = httpx.USE_CLIENT_DEFAULT,
        follow_redirects: Union[
            bool, httpx._client.UseClientDefault
        ] = httpx.USE_CLIENT_DEFAULT,
    ) -> httpx.Response:
        request.headers["Client-Level-Header"] = "added by client"

        return await self.client.send(
            request, stream=stream, auth=auth, follow_redirects=follow_redirects
        )

    def build_request(
        self,
        method: str,
        url: httpx._types.URLTypes,
        *,
        content: Optional[httpx._types.RequestContent] = None,
        data: Optional[httpx._types.RequestData] = None,
        files: Optional[httpx._types.RequestFiles] = None,
        json: Optional[Any] = None,
        params: Optional[httpx._types.QueryParamTypes] = None,
        headers: Optional[httpx._types.HeaderTypes] = None,
        cookies: Optional[httpx._types.CookieTypes] = None,
        timeout: Union[
            httpx._types.TimeoutTypes, httpx._client.UseClientDefault
        ] = httpx.USE_CLIENT_DEFAULT,
        extensions: Optional[httpx._types.RequestExtensions] = None,
    ) -> httpx.Request:
        return self.client.build_request(
            method,
            url,
            content=content,
            data=data,
            files=files,
            json=json,
            params=params,
            headers=headers,
            cookies=cookies,
            timeout=timeout,
            extensions=extensions,
        )

s = Nest(async_client=CustomClient(httpx.AsyncClient()))

Resource Management

The Nest class implements the context manager protocol and registers a finalizer function to close the underlying sync and async HTTPX clients it uses under the hood. This will close HTTP connections, release memory and free up other resources held by the SDK. In short-lived Python programs and notebooks that make a few SDK method calls, resource management may not be a concern. However, in longer-lived programs, it is beneficial to create a single SDK instance via a context manager and reuse it across the application.

from owasp_nest import Nest
def main():

    with Nest(
        api_key_auth="<YOUR_API_KEY_HERE>",
    ) as nest:
        # Rest of application here...


# Or when using async:
async def amain():

    async with Nest(
        api_key_auth="<YOUR_API_KEY_HERE>",
    ) as nest:
        # Rest of application here...

Debugging

You can setup your SDK to emit debug logs for SDK requests and responses.

You can pass your own logger class directly into your SDK.

from owasp_nest import Nest
import logging

logging.basicConfig(level=logging.DEBUG)
s = Nest(debug_logger=logging.getLogger("owasp_nest"))

Development

Maturity

This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.

Contributions

While we value open-source contributions to this SDK, this library is generated programmatically. Any manual changes added to internal files will be overwritten on the next generation. We look forward to hearing your feedback. Feel free to open a PR or an issue with a proof of concept and we'll do our best to include it in a future release.

SDK Created by Speakeasy