aura
Python source code auditing and static analysis on a large scale (by SourceCode-AI)
jedi
Awesome autocompletion, static analysis and refactoring library for python (by davidhalter)
Our great sponsors
aura | jedi | |
---|---|---|
3 | 7 | |
483 | 5,652 | |
0.4% | - | |
4.3 | 7.4 | |
7 months ago | 7 days ago | |
Python | Python | |
GNU General Public License v3.0 only | GNU General Public License v3.0 or later |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aura
Posts with mentions or reviews of aura.
We have used some of these posts to build our list of alternatives
and similar projects.
- Aura – Python source code auditing and static analysis on a large scale
-
A Large-Scale Security-Oriented Static Analysis of Python Packages in PyPI
I've done extensive research in this area and looked at existing tools including bandit to scan the whole pypi repository and monitor what is being uploaded there, the conclusion was that most of the tools are not up for this task so I made a new framework from scratch that is specially design for this purpose, to scan the whole PyPI repository, it's called Aura: https://github.com/SourceCode-AI/aura
-
Ever npm/pip installed malware? A modest call for action
Consider contributing your talents to projects that seek to improve the security of these registries. One project worth your attention is Aura, a Python source code auditing and static analysis tool. For those who want to explore Python malware detection challenges identified as important by the Python Software Foundation, see here. Consider contributing malware checks to the Python Package Index codebase, aka Warehouse.
jedi
Posts with mentions or reviews of jedi.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-11-27.
-
:help jedi-vi doesn't work at all after installation via vim-plug
I don't use jedi at all, but from a quick glance at the README of the package you've installed, the code you've posted in your post installs the wrong repo; it seems davidhalter/jedi is just jedi's backend. To make it work with vim, install one of the plugins suggested in the README instead (it seems that davidhalter/jedi-vim) is the one you're looking for.
-
code auto-complete
Jedi: https://github.com/davidhalter/jedi
-
What are your bad python habits?
Or better, use refactoring tool like rope, jedi, or whatever you have in your IDE to rename them.
-
Get jedi working in Kate
Get jedi working in Kate · Issue #1539 · davidhalter/jedi
-
IDE Similar to PyCharm for Work
For text completion, Jedi. For automated refactoring, I highly recommend rope. Some of the previously mentioned plugins provides Vim integrations with these excellent tools.
-
Anybody using lsp-mode for python?
Take a look at some LSP servers that use Jedi https://github.com/davidhalter/jedi
-
The Database Inside Your Codebase
I've been playing with some ideas for creating a SQLite database of classes, functions and suchlike found in Python code, so I can analyze my codebases with SQL queries.
I've had some good initial results with https://github.com/davidhalter/jedi - which is the Python introspection library that powers various editor autocomplete implementations. I have a prototype which uses that to create a SQL database of functions, classes and places that they are used.
I've also been playing with https://github.com/github/semantic - it can parse Python, JavaScript and other languages and offers a --json-symbols option which dumps out a JSON object showing the symbols (functions, variables etc) found in the code.