Show HN: Panoptisch – A recursive dependency scanner for Python projects https://ift.tt/VcFnvxq
Show HN: Panoptisch – A recursive dependency scanner for Python projects Hello all, Very excited to share this project with you all! Panoptisch scans your Python file or module to find it's imports (aka dependencies) and recursively does so for all dependencies and sub-dependencies. It then generates a dependency tree in JSON for you to parse and enforce import policies. Supply chain attacks are no joke, and this is one way to transparently analyze your dependencies to see if any malicious imports are taking place. For example, your yaml parser, nor it's sub-dependencies should import socket, or sys. Panoptisch is in early stages, with known limitations (for now). I welcome feedback, testing and contributions. Also, happy to answer any questions! https://ift.tt/O2gTjEQ December 10, 2022 at 04:45AM
Komentar
Posting Komentar