Show HN: Panoptisch – A recursive dependency scanner for Python projects https://ift.tt/VcFnvxq

Show HN: Panoptisch – A recursive dependency scanner for Python projects Hello all, Very excited to share this project with you all! Panoptisch scans your Python file or module to find it's imports (aka dependencies) and recursively does so for all dependencies and sub-dependencies. It then generates a dependency tree in JSON for you to parse and enforce import policies. Supply chain attacks are no joke, and this is one way to transparently analyze your dependencies to see if any malicious imports are taking place. For example, your yaml parser, nor it's sub-dependencies should import socket, or sys. Panoptisch is in early stages, with known limitations (for now). I welcome feedback, testing and contributions. Also, happy to answer any questions! https://ift.tt/O2gTjEQ December 10, 2022 at 04:45AM

Komentar

Posting Komentar

Postingan populer dari blog ini

Twin Peaks for All: Survey Results

Gambar
Twin Peaks for All: Survey Results By Benjamin Barnett Last month, the SFMTA and San Francisco Recreation and Parks Department released a survey seeking public feedback regarding  five proposed roadway options for Twin Peaks Boulevard . San Franciscans responded to the survey, ranked support for each alternative and shared opinions about how the different options met their needs.  The Twin Peaks for All survey was open for almost three weeks and received more than 1,700 responses. This number reflects the high level of interest for this San Francisco park and its future access.   Survey Background Conditions on Twin Peaks Boulevard between Portola Drive and Barnett Avenue before COVID street closures.   The Twin Peaks Boulevard gates were closed early in the pandemic to reduce crowding at the lookout point parking lot. The gates were closed on the north, at Burnett Avenue, and the south, at Portola Drive. Since then, Twin Peaks Park use by hikers, joggers and peopl...
Baca selengkapnya

Launch HN: Riot (YC W20) – Phishing training for your team https://ift.tt/2QIueZL

Launch HN: Riot (YC W20) – Phishing training for your team Ahoy Hacker News! I'm Ben, founder of Riot ( https://tryriot.com ), a tool that sends phishing emails to your team to get them ready for real attacks. It's like a fire drill, but for cybersecurity. Prior to Riot, I was the co-founder and CTO of a fintech company operating hundred of millions of euros of transactions every year. We were under attack continuously. I was doing an hour-long security training once a year, but was always curious if my team was really ready for an attack. In fact, it kept me up at night thinking we were spending a lot of money on protecting our app, but none on preparing the employees for social engineering. So I started a side project at that previous company to test this out. On the first run, 9% of all the employees got scammed. I was pissed, but it convinced me we needed a better way to train employees for cybersecurity attacks. This is what grew into Riot. For now we are only training for...
Baca selengkapnya

Launch HN: Stacker (YC S20) – Create Apps from Airtable or Google Sheets https://ift.tt/3i3ZJso

Launch HN: Stacker (YC S20) – Create Apps from Airtable or Google Sheets We're Michael and Sam, co-founders of Stacker ( https://stacker.app/ ). We let anyone create custom software powered by data from Airtable or Google Sheets, with a nice UI, auth and rich permissions. Think Internal Tools, Custom CRMs, and Customer Portals. We've been working for ages on building something that lets non-technical people create software without code. We spent about 2 years building a really powerful and complicated drag-and-drop no-code app builder. It was really awesome, it could create social networks, SaaS, marketplaces – the works. The only problem was: nobody could use it unless they were already a developer! It turned out that even though you weren't technically writing any code… you were still actually programming, still thinking like a developer. Just with a really inefficient set of no-code tools. We (eventually!) realised that non-devs were already building systems anyway; but ...
Baca selengkapnya