submitted 1 year ago by aswin@lemmy.sdf.org to c/python@lemmy.ml

Pyscan v0.1.4 | GitHub

Pyscan is the fastest CLI tool to find dependency vulnerabilities in your Python projects.

  • blazingly fast scanner that can be used within large projects.
  • automatically finds requirements.txt, pyproject.toml, or the source code.
  • can be integrated into existing build processes.
  • In its early stage, thus hasn't been battle-hardened yet.

Install

pip install pyscan-rs

look out for the "-rs" part or

cargo install pyscan

Usage

Go to your Python source directory (or wherever you keep your requirements.txt/pyproject.toml) and run:

> pyscan

or

> pyscan -d path/to/src

Pyscan is a tool written in Rust that uses OSV, which is an open source vulnerabilities database, which inspired me to make this tool.
