python dependency vulnerability scanner

Project description

🐍 Pyscan

A dependency vulnerability scanner for your Python projects, straight from the terminal.
  • can be used within large projects. (see benchmarks)
  • automatically finds dependencies either from configuration files or within source code.
  • support for poetry, hatch, flit, pdm and can be integrated into existing build processes.
  • hasn't been battle-hardened yet. PRs and issue makers welcome.

🕊️ Install

pip install pyscan-rs

(look out for the "-rs" part), or

cargo install pyscan

🐇 Usage

Go to your python source directory (or wherever you keep your requirements.txt/pyproject.toml) and run:

> pyscan

or

> pyscan -d path/to/src

Pyscan will find any dependencies added through poetry, hatch, flit, pdm, etc. Here's the order of precedence for a source/config file:
  • requirements.txt
  • pyproject.toml
  • your source code (.py)

Pyscan will use your pip to find unknown versions, and otherwise falls back to pypi.org for the latest version. Still, it is recommended to specify versions in your requirements and use proper PEP 508 syntax.
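
To see which entries in a requirements.txt would leave a scanner guessing the version, the following added example (not part of pyscan; `audit_requirements` and the sample file are constructed for illustration) separates exactly pinned requirements from everything else. It assumes a simplified PEP 508 line shape and does not parse direct URL references.

```python
import re

# Simplified PEP 508 shape: name, optional [extras], version specifiers,
# optional "; marker". Direct URL references ("name @ url") are not parsed.
_REQ = re.compile(
    r"""^(?P<name>[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)
        \s*(?:\[[^\]]*\])?      # extras
        \s*(?P<spec>[^;]*?)     # version specifiers, possibly empty
        \s*(?:;.*)?$            # environment marker""",
    re.VERBOSE,
)
# Only "==X" / "===X" with no wildcard and no further clause counts as a pin.
_EXACT = re.compile(r"^(?:==|===)\s*[^\s,*]+$")

# Constructed sample input, not taken from any real project.
SAMPLE = """\
# constructed sample requirements.txt
requests==2.31.0
Flask>=2.0,<3
numpy
Django[argon2]==4.2.7 ; python_version >= "3.8"
urllib3==1.26.*
-r other.txt
"""

def audit_requirements(text):
    """Return (pinned, unpinned): pinned maps name -> exact version,
    unpinned maps name -> the specifier found ('' when none was given)."""
    pinned, unpinned = {}, {}
    for raw in text.splitlines():
        line = raw.split(" #", 1)[0].strip()          # drop trailing comments
        if not line or line.startswith(("#", "-")):   # comments and pip options
            continue
        m = _REQ.match(line)
        if not m:
            unpinned[line] = "unparsed"
            continue
        name = re.sub(r"[-_.]+", "-", m.group("name")).lower()  # PEP 503 form
        spec = m.group("spec").strip()
        if _EXACT.match(spec):
            pinned[name] = spec.lstrip("=").strip()
        else:
            unpinned[name] = spec
    return pinned, unpinned

if __name__ == "__main__":
    ok, loose = audit_requirements(SAMPLE)
    for name, spec in loose.items():
        print(f"not pinned: {name} {spec or '(no version)'}")
```

Every name reported as not pinned is one whose scanned version depends on the local environment or on the latest release rather than on the file itself.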

Building

pyscan requires a Rust version of < v1.70, and might be unstable on previous releases. There's an overview of the codebase at architecture. Grateful for all the contributions so far.

🦀 Note

pyscan doesn't make sure your code is safe from everything. Use all resources available to you, like safety, Dependabot, pip-audit, trivy and the like.

🐰 Todo

As of October 15, 2023:

  • Gather time to work on it (incredible task as a high schooler college freshman)
  • Persistent state representation of a project's security.
  • Graphical analysis of dependencies and their dependencies, and so on.
  • Better display, search, filter of vulns
  • Finish the "big" update (All of the above is a part of PR #17)

🐹 Donate

While not coding, I am a broke high school student with nothing else to do. I appreciate all the help I can get.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

  • pyscan_rs-0.1.7.tar.gz (1.1 MB), Source

Built Distributions

  • pyscan_rs-0.1.7-py3-none-win_amd64.whl (2.4 MB), Python 3, Windows x86-64
  • pyscan_rs-0.1.7-py3-none-win32.whl (2.2 MB), Python 3, Windows x86
  • pyscan_rs-0.1.7-py3-none-manylinux_2_34_x86_64.whl (5.0 MB), Python 3, manylinux: glibc 2.34+ x86-64
  • pyscan_rs-0.1.7-py3-none-macosx_11_0_arm64.whl (2.6 MB), Python 3, macOS 11.0+ ARM64
  • pyscan_rs-0.1.7-py3-none-macosx_10_12_x86_64.whl (2.7 MB), Python 3, macOS 10.12+ x86-64

File details

Details for the file pyscan_rs-0.1.7.tar.gz.

File metadata

  • Download URL: pyscan_rs-0.1.7.tar.gz
  • Upload date:
  • Size: 1.1 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.7.8

File details

Details for the file pyscan_rs-0.1.7-py3-none-win_amd64.whl.

File metadata

  • Download URL: pyscan_rs-0.1.7-py3-none-win_amd64.whl
  • Upload date:
  • Size: 2.4 MB
  • Tags: Python 3, Windows x86-64
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.7.8

File details

Details for the file pyscan_rs-0.1.7-py3-none-win32.whl.

File metadata

  • Download URL: pyscan_rs-0.1.7-py3-none-win32.whl
  • Upload date:
  • Size: 2.2 MB
  • Tags: Python 3, Windows x86
  • Uploaded using Trusted Publishing? No
  • Uploaded via: maturin/1.7.8

File details

Details for the file pyscan_rs-0.1.7-py3-none-manylinux_2_34_x86_64.whl.

File details

Details for the file pyscan_rs-0.1.7-py3-none-macosx_11_0_arm64.whl.

File details

Details for the file pyscan_rs-0.1.7-py3-none-macosx_10_12_x86_64.whl.
