Library for detecting vulnerabilities in Python code

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for hecronk from gravatar.com hecronk

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Damir
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

Vulnerability Checker

A library for detecting vulnerabilities in Python code. Designed for integration with CI/CD systems such as GitLab CI/CD. Supports Python 3.8 and above.

Features

  • Static code analysis to detect security vulnerabilities
  • Dependency checking for known vulnerabilities
  • Analysis of insecure code constructs
  • Returns non-zero exit code when issues are found
  • Generates detailed vulnerability reports

Requirements

  • Python 3.8 - 3.13
  • Dependencies listed in pyproject.toml (automatically installed with the package)

Installation

pip install vulnerability-checker

Usage

Command Line

# Basic directory analysis
vulncheck /path/to/your/project

# Analysis with JSON report generation
vulncheck /path/to/your/project --output report.json

# Check only specific vulnerability types
vulncheck /path/to/your/project --checks sql-injection,xss,dependency-check

Available Flags

  • --output <filename>: Specifies the name of the file to save the report (e.g., --output report.json).
  • --checks <check_types>: Specifies which types of vulnerabilities to check (e.g., --checks sql-injection,xss,dependency-check).
  • --verbose: Detailed output.
  • --exit-zero: Always return 0 exit code, even when vulnerabilities are found.

GitLab CI/CD Integration

security_check:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --output report.json
  artifacts:
    paths:
      - report.json

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for hecronk from gravatar.com hecronk

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Damir
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

0.2.0

0.1.9

This version

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vulnerability_checker-0.1.8.tar.gz (16.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vulnerability_checker-0.1.8-py3-none-any.whl (23.0 kB view details)

Uploaded Python 3

File details

Details for the file vulnerability_checker-0.1.8.tar.gz.

File metadata

  • Download URL: vulnerability_checker-0.1.8.tar.gz
  • Upload date:
  • Size: 16.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for vulnerability_checker-0.1.8.tar.gz
Algorithm Hash digest
SHA256 9cfbde2c0f8daf3e5dc79b402ce1b1894d38c690596b0bb3558724a6d5f9c93f
MD5 d46a45b335870bee9b436f8dc9fbea87
BLAKE2b-256 1f527d77981e1f7eedb10c61b3bacaf452ff60e5e0c764f893c1a3db1765725a

See more details on using hashes here.

Provenance

The following attestation bundles were made for vulnerability_checker-0.1.8.tar.gz:

Publisher: upload-python-package.yml on hecronk/vulnerability-checker

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file vulnerability_checker-0.1.8-py3-none-any.whl.

File metadata

File hashes

Hashes for vulnerability_checker-0.1.8-py3-none-any.whl
Algorithm Hash digest
SHA256 d4942de5ecec42345ae4f7ea5b1bef0f0efbebf335e4abe05e9bfcfc540d8bd9
MD5 6520eae1df42d9046cdb46e33497a4d6
BLAKE2b-256 456c7b6c4600f87397816951782a2cc0e9bfd4c83810d6005db35eb7e38939ee

See more details on using hashes here.

Provenance

The following attestation bundles were made for vulnerability_checker-0.1.8-py3-none-any.whl:

Publisher: upload-python-package.yml on hecronk/vulnerability-checker

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page