pypa / gh-action-pip-audit

Related projects ⓘ

Alternatives and complementary repositories for gh-action-pip-audit

• sigstore / sigstore-python
  A Sigstore client written in Python
  ☆232Updated this week
• psf / advisory-database
  This is a repository of vulnerability advisories for projects in scope for the Python Software Foundation CVE Numbering Authority (CNA)
  ☆28Updated last week
• sigstore / gh-action-sigstore-python
  A GitHub Action for sigstore-python
  ☆46Updated last month
• pypi / inspector
  🕵️ File browser for distributions on PyPI
  ☆88Updated last week
• aswinnnn / pyscan
  python dependency vulnerability scanner, written in Rust.
  ☆186Updated 10 months ago
• pypa / abi3audit
  Scans Python packages for abi3 violations and inconsistencies
  ☆104Updated this week
• pypi-data / pypi-json-data
  Automatically updated pypi API data, available in bulk via git or sqlite
  ☆63Updated this week
• sethmlarson / pypi-data
  Data about packages and maintainers on PyPI
  ☆123Updated this week
• snyk / faker-security
  Python Faker provider for security related data
  ☆36Updated 3 months ago
• pypa / advisory-database
  Advisory database for Python packages published on pypi.org
  ☆264Updated this week
• abravalheri / validate-pyproject
  Validation library for simple check on `pyproject.toml`
  ☆135Updated this week
• dlint-py / dlint
  Dlint is a tool for encouraging best coding practices and helping ensure Python code is secure.
  ☆164Updated 3 weeks ago
• etianen / logot
  Test whether your code is logging correctly 🪵
  ☆104Updated last month
• avilum / secimport
  eBPF Python runtime sandbox with seccomp (Blocks RCE).
  ☆184Updated last month
• robusta-dev / debug-toolkit
  A modern code-injection framework for Python. Like Pyrasite but Kubernetes-aware.
  ☆58Updated 3 weeks ago
• trailofbits / eatmynetwork
  A small script for running programs with (minimal) network sandboxing
  ☆46Updated 8 months ago
• aboutcode-org / pip-requirements-parser
  a mostly correct pip requirements parsing library
  ☆20Updated 2 months ago
• pypi-data / pypi-aws-secrets
  This repo scans pypi for AWS keys
  ☆105Updated 8 months ago
• wiz-sec-public / namespacehound
  NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
  ☆59Updated 8 months ago
• pytest-dev / pytest-github-actions-annotate-failures
  Pytest plugin to annotate failed tests with a workflow command for GitHub Actions
  ☆140Updated 2 weeks ago
• tonybaloney / hathi
  A dictionary attack tool for PostgreSQL and MSSQL
  ☆36Updated 2 years ago
• hugovk / norwegianblue
  CLI to show end-of-life dates for a number of products.
  ☆97Updated this week
• sethmlarson / truststore
  Verify certificates using OS trust stores
  ☆161Updated 3 weeks ago
• tox-dev / pyproject-fmt
  ☆172Updated last week
• iosifache / semgrep-rules-manager
  Manager of third-party sources of Semgrep rules 🗂
  ☆76Updated 3 months ago
• advanced-security / gh-sbom
  Generate SBOMs with gh CLI
  ☆166Updated 2 months ago
• typesplainer / typesplainer
  A Python type explainer!
  ☆82Updated last year
• tylerwince / flake8-bandit
  Automated security testing using bandit and flake8.
  ☆111Updated last year
• ossf / oss-vulnerability-guide
  A guide on coordinated vulnerability disclosure for open source projects. Includes templates for security policies (security.md) and disc…
  ☆119Updated 5 months ago
• plinss / flake8-noqa
  flake8 plugin to validate #noqa comments - Mirror of https://gitlab.linss.com/open-source/flake8/flake8-noqa
  ☆41Updated 10 months ago