Library for detecting vulnerabilities in Python code

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for hecronk from gravatar.com hecronk

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Damir
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers
Report project as malware

Project description

Vulnerability Checker

A library for detecting vulnerabilities in Python code. Designed for integration with CI/CD systems such as GitLab CI/CD. Supports Python 3.8 and above.

Features

  • Static code analysis to detect security vulnerabilities
  • Dependency checking for known vulnerabilities
  • Analysis of insecure code constructs
  • Returns non-zero exit code when issues are found
  • Generates detailed vulnerability reports

Requirements

  • Python 3.8 - 3.13
  • Dependencies listed in pyproject.toml (automatically installed with the package)

Installation

pip install vulnerability-checker

Usage

Command Line

# Basic directory analysis
vulncheck /path/to/your/project

# Analysis with JSON report generation
vulncheck /path/to/your/project --output report.json

# Check only specific vulnerability types
vulncheck /path/to/your/project --checks sql-injection,xss,dependency-check

Available Flags

  • --output <filename>: Specifies the name of the file to save the report (e.g., --output report.json).
  • --checks <check_types>: Specifies which types of vulnerabilities to check (e.g., --checks sql-injection,xss,dependency-check).
  • --verbose: Detailed output.
  • --exit-zero: Always return 0 exit code, even when vulnerabilities are found.

GitLab CI/CD Integration

security_check:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --output report.json
  artifacts:
    paths:
      - report.json

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for hecronk from gravatar.com hecronk

Unverified details

These details have not been verified by PyPI
Meta
  • License: MIT License (MIT)
  • Author: Damir
  • Requires: Python >=3.8
  • Provides-Extra: dev
Classifiers

Release history Release notifications | RSS feed

0.2.6

0.2.5

0.2.4

0.2.3

0.2.2

0.2.1

This version

0.2.0

0.1.9

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3

0.1.2

0.1.1

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vulnerability_checker-0.2.0.tar.gz (19.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vulnerability_checker-0.2.0-py3-none-any.whl (27.1 kB view details)

Uploaded Python 3

File details

Details for the file vulnerability_checker-0.2.0.tar.gz.

File metadata

  • Download URL: vulnerability_checker-0.2.0.tar.gz
  • Upload date:
  • Size: 19.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.12.9

File hashes

Hashes for vulnerability_checker-0.2.0.tar.gz
Algorithm Hash digest
SHA256 aaa2ee8425b51534d174b304c6f3da362c64826a73fba79e209344f006012740
MD5 4dc9a4c4cb9963cc6fa2d9df3fabd6fd
BLAKE2b-256 b66a247c46df6f893cad801ea6cfa76e7a6c08ac903fef54e521cfa6f79564c1

See more details on using hashes here.

Provenance

The following attestation bundles were made for vulnerability_checker-0.2.0.tar.gz:

Publisher: upload-python-package.yml on hecronk/vulnerability-checker

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file vulnerability_checker-0.2.0-py3-none-any.whl.

File metadata

File hashes

Hashes for vulnerability_checker-0.2.0-py3-none-any.whl
Algorithm Hash digest
SHA256 54ce82055c6311cd67da9f425f3065f5814cd035871f197806a8aed416393f81
MD5 59ba1210903e04ac87436d3914bf6b8e
BLAKE2b-256 6d8aaf1d2b4823a9019a0ce5dc15e878d7caa33983a1e917a2a06bb4b181ba0b

See more details on using hashes here.

Provenance

The following attestation bundles were made for vulnerability_checker-0.2.0-py3-none-any.whl:

Publisher: upload-python-package.yml on hecronk/vulnerability-checker

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page