Python Vulnerability Checks
Tools for checking vulnerabilities in Python code.
Safety - Dependency Scanner
# Install
pip install safety

# Check dependencies
safety check

# Check requirements file
safety check -r requirements.txt

# JSON output
safety check --json
Bandit - Static Security Analysis
# Install
pip install bandit

# Scan directory
bandit -r ./myproject

# Output formats
bandit -r ./myproject -f json -o report.json
bandit -r ./myproject -f html -o report.html

# Exclude directories
bandit -r ./myproject -x ./tests,./venv
Pip-audit
# Install
pip install pip-audit

# Audit installed packages
pip-audit

# Audit requirements file
pip-audit -r requirements.txt

# Fix vulnerabilities
pip-audit --fix
CI/CD Integration
# GitHub Actions
name: Security Scan

on: [push, pull_request]

jobs:
  security:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      - name: Set up Python
        uses: actions/setup-python@v4
        with:
          python-version: '3.11'

      - name: Install dependencies
        run: pip install safety bandit pip-audit

      - name: Run Safety
        run: safety check

      - name: Run Bandit
        run: bandit -r .

      - name: Run pip-audit
        run: pip-audit