A comprehensive command-line tool to check security-related issues in your projects, including vulnerability scanning and license compliance checking.
Project description
Security Checker
Features
- Vulnerability Scanning: Check for known security vulnerabilities in your project dependencies
- License Compliance: Verify and analyze license compatibility of your dependencies
- Multi-Package Manager Support: Works with Poetry, npm, pnpm, pip (requirements.txt), and Rye
- Multiple Output Formats: Support for stdout, Slack notifications, and Markdown reports
- Extensible Architecture: Easy to add new package managers and notification methods
Installation
From PyPI
pip install security-checker
Usage
Security Checker provides two main commands: license for license checking and vuln for vulnerability scanning.
License Checking
Check license compliance of your project dependencies:
# With default settings (all supported package managers)
security-checker license /path/to/your/project
Vulnerability Scanning
Scan for security vulnerabilities in your dependencies:
# With default settings (all supported package managers)
security-checker vuln /path/to/your/project
Configuration
Slack Notifications
To use Slack notifications, set the following environment variables:
export SLACK_BOT_TOKEN="xoxb-your-bot-token"
export SLACK_CHANNEL="#your-channel"
LLM summary generation requires an OpenAI API key:
export LLM_API_KEY="your-openai-api-key"
export LLM_SUMMARIZE_MODEL="o4-mini"
export LLM_ENDPOINT="https://api.openai.com/v1"
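The variables above are all the tool reads from the environment, so a misconfigured value surfaces only at notification time. The following is an added example, not code from security-checker: it checks those variables before a run and redacts the secrets in any message it produces. The variable names are the README's; the expectations it enforces (an xoxb- bot token prefix, a channel name starting with #, an https endpoint) are this example's own assumptions.

```python
"""Added example, not part of security-checker: check the environment
variables the README lists before a run, and redact secrets in any message.
The variable names are the README's; the expectations (xoxb- prefix,
https endpoint) are this example's own assumptions."""
from __future__ import annotations

import os
from collections.abc import Mapping
from urllib.parse import urlparse


def redact(secret: str) -> str:
    """Keep a short prefix so an operator can tell which token was used
    without the log leaking it."""
    return secret[:5] + "..." if len(secret) > 5 else "***"


def validate_config(env: Mapping[str, str] | None = None, *, llm: bool = False) -> list[str]:
    """Return the problems found; an empty list means the Slack settings
    (and, if requested, the LLM settings) are usable."""
    env = os.environ if env is None else env
    problems: list[str] = []

    token = env.get("SLACK_BOT_TOKEN", "")
    if not token:
        problems.append("SLACK_BOT_TOKEN is not set")
    elif not token.startswith("xoxb-"):
        # never echo the full token back; redact() keeps only the prefix
        problems.append(f"SLACK_BOT_TOKEN ({redact(token)}) lacks the xoxb- bot token prefix")

    if not env.get("SLACK_CHANNEL", "").startswith("#"):
        problems.append("SLACK_CHANNEL must be a channel name such as #security-alerts")

    if llm:
        for var in ("LLM_API_KEY", "LLM_SUMMARIZE_MODEL"):
            if not env.get(var):
                problems.append(f"{var} is not set")
        parsed = urlparse(env.get("LLM_ENDPOINT", ""))
        if parsed.scheme != "https" or not parsed.netloc:
            problems.append("LLM_ENDPOINT must be an https:// URL so the API key is not sent in clear text")
    return problems


# constructed sample environments, not real credentials
GOOD_ENV = {
    "SLACK_BOT_TOKEN": "xoxb-placeholder-token",
    "SLACK_CHANNEL": "#security-alerts",
    "LLM_API_KEY": "placeholder-key",
    "LLM_SUMMARIZE_MODEL": "o4-mini",
    "LLM_ENDPOINT": "https://api.openai.com/v1",
}
BAD_ENV = {
    "SLACK_BOT_TOKEN": "not-a-bot-token",
    "SLACK_CHANNEL": "security",
    "LLM_ENDPOINT": "http://localhost:8080/v1",
}

if __name__ == "__main__":
    # with no argument the real process environment is checked
    for problem in validate_config(llm=True):
        print("config:", problem)
```

Run it before `security-checker vuln` or `security-checker license` in a CI job and fail the job if any problem is printed; that way a token pasted into the wrong variable is caught without ever being written to the log.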
Development
Requirements
- Python >= 3.10
- Rye
Setup Development Environment
git clone https://github.com/Ja-sonYun/security-checker.git
cd security-checker
rye sync
Code Quality
This project uses:
- Ruff: For linting and code formatting
- Type hints: Full type annotation coverage
Run code quality checks:
ruff check .
ruff format .
Project Structure
src/security_checker/
├── checkers/ # Core checking logic
│ ├── credentials/ # Credential scanning (TODO)
│ ├── licenses/ # License compliance checking
│ └── vulnerabilities/ # Vulnerability scanning
├── notifiers/ # Output and notification handlers
├── vendors/ # Package manager integrations
├── utils/ # Utility functions
└── cli.py # Command-line interface
Adding New Package Managers
- Create a new vendor class in src/security_checker/vendors/
- Implement the required traits for license and/or vulnerability checking
- Add the vendor to the supported vendors list in cli.py
Adding New Notification Methods
- Create a new notifier class in src/security_checker/notifiers/
- Extend the NotifierBase class
- Add the notifier to the supported notifiers list in cli.py
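To make the two extension points above concrete, here is an added example that is not code from security-checker: a hypothetical vendor that parses pip's requirements.txt (one of the formats the tool supports) and a hypothetical Markdown notifier that renders findings, arranged the way the README describes. VendorBase, NotifierBase, Dependency and Finding, and the unpinned-dependency check that stands in for a real vulnerability or license lookup, are assumptions made for this illustration; the project's real traits, base class and record types may differ.

```python
"""Added example, not code from security-checker itself: a hypothetical
requirements.txt vendor and a Markdown notifier laid out the way the README
describes (a vendor parses a package manager's dependency file, a notifier
renders findings). VendorBase, NotifierBase, Dependency and Finding are
assumptions made for this illustration; the project's real traits, base
class and record types may differ."""
from __future__ import annotations

import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Dependency:
    name: str            # PEP 503 normalised distribution name
    version: str | None  # None unless pinned with an exact specifier


@dataclass(frozen=True)
class Finding:
    dependency: Dependency
    message: str


class VendorBase:  # assumed stand-in for the project's vendor trait
    def parse(self, text: str) -> list[Dependency]:
        raise NotImplementedError


class NotifierBase:  # assumed stand-in for the project's NotifierBase
    def notify(self, findings: list[Finding]) -> str:
        raise NotImplementedError


# name, optional extras ("[socks]"), optional version specifier; the version
# token stops at whitespace, ";" (environment marker), "#" (comment) and ","
_REQ_LINE = re.compile(
    r"^(?P<name>[A-Za-z0-9][A-Za-z0-9._-]*)"
    r"(?:\[[^\]]*\])?"
    r"\s*(?P<op>===|==|~=|>=|<=|!=|>|<)?\s*(?P<ver>[^\s;#,]+)?"
)


def normalise(name: str) -> str:
    """PEP 503 normalisation so 'Flask_Login' and 'flask-login' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


class RequirementsTxtVendor(VendorBase):
    """Parses pip's requirements.txt. Comments, blank lines and pip options
    (-r, -e, --index-url ...) are skipped; a version is recorded only for
    exact pins, because only a pin names one concrete release to look up."""

    def parse(self, text: str) -> list[Dependency]:
        deps: list[Dependency] = []
        for raw in text.splitlines():
            # drop comments (simplification: this also cuts URL fragments)
            line = raw.split("#", 1)[0].strip()
            if not line or line.startswith("-"):
                continue
            m = _REQ_LINE.match(line)
            if not m:
                continue
            pinned = m.group("op") in ("==", "===")
            deps.append(Dependency(normalise(m.group("name")), m.group("ver") if pinned else None))
        return deps


def unpinned_findings(deps: list[Dependency]) -> list[Finding]:
    """Placeholder check standing in for the real vulnerability/licence lookup:
    an unpinned requirement cannot be matched to one release, so flag it."""
    return [Finding(d, "not pinned to an exact version; cannot resolve to one release")
            for d in deps if d.version is None]


class MarkdownNotifier(NotifierBase):
    def notify(self, findings: list[Finding]) -> str:
        if not findings:
            return "No findings.\n"
        rows = ["| Package | Version | Finding |", "|---|---|---|"]
        for f in findings:
            rows.append(f"| {f.dependency.name} | {f.dependency.version or 'unpinned'} | {f.message} |")
        return "\n".join(rows) + "\n"


# constructed sample input, not a real project file
SAMPLE_REQUIREMENTS = """\
# constructed sample requirements.txt
requests[socks]==2.31.0   # pinned, extras ignored
PyYAML>=6.0
-r dev-requirements.txt
Flask_Login==0.6.3; python_version >= "3.8"
-e .
"""


def run(text: str = SAMPLE_REQUIREMENTS) -> str:
    """Vendor parses, placeholder check produces findings, notifier renders them."""
    deps = RequirementsTxtVendor().parse(text)
    return MarkdownNotifier().notify(unpinned_findings(deps))


if __name__ == "__main__":
    print(run())
```

The split into a parsing class and a rendering class is what lets a new package manager or a new output channel be added without touching the other side; wiring a class into the lists in cli.py, as the steps above describe, is the only remaining step in the real project.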
To-Do
- Implement credential scanning
- Support result caching to avoid redundant checks
- Add unit tests for all components
Project details
File details
Details for the file security_checker-0.2.3-py3-none-any.whl.
File metadata
- Download URL: security_checker-0.2.3-py3-none-any.whl
- Upload date:
- Size: 33.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.1.1 CPython/3.12.9
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | 1b2e9ac648f181bef26af99cbd9b0c9dbb7a4510f48e01c63989d56cedcae8d5 |
| MD5 | e289121cd158146503f92bd8174482fa |
| BLAKE2b-256 | 9e7a12a8a35d2fd93f4c72b22ba8669df9ef8837aa63aa82c4eb0e8a212a47dc |