Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

conda-forge.org : pip-audit

`pip-audit` is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database (https://github.com/pypa/advisory-db) via the [PyPI JSON API](https://warehouse.pypa.io/api-reference/json.html) as a source of vulnerability reports.

This project is developed by [Trail of Bits](https://www.trailofbits.com/) with support from Google. This is not an official Google product.

**Features**

- Support for auditing local environments and requirements-style files
- Support for multiple vulnerability services ([PyPI](https://warehouse.pypa.io/api-reference/json.html#known-vulnerabilities), [OSV](https://osv.dev/docs/))
- Support for emitting [SBOMs](https://en.wikipedia.org/wiki/Software_bill_of_materials) in [CycloneDX](https://cyclonedx.org/) XML or JSON
- Human and machine-readable output formats (columnar, JSON)
- Seamlessly reuses your existing local `pip` caches

purl: pkg:conda/pip-audit
Keywords: pip, python, security, security-audit, supply-chain
License: Apache-2.0
Status: removed
Latest release: about 2 years ago
First release: over 2 years ago
Stars: 620 on GitHub
Forks: 35 on GitHub
See more repository details: repos.ecosyste.ms
Last synced: 4 months ago
