pip-audit VS ochrona-cli

Compare pip-audit vs ochrona-cli and see what are their differences.

pip-audit

Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them (by pypa)

ochrona-cli

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs (by ochronasec)
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
pip-audit ochrona-cli
22 2
903 52
2.2% -
8.8 0.6
7 days ago about 1 year ago
Python Python
Apache License 2.0 MIT License
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

pip-audit

Posts with mentions or reviews of pip-audit. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2024-01-18.

ochrona-cli

Posts with mentions or reviews of ochrona-cli. We have used some of these posts to build our list of alternatives and similar projects.

We haven't tracked posts mentioning ochrona-cli yet.
Tracking mentions began in Dec 2020.

What are some alternatives?

When comparing pip-audit and ochrona-cli you can also consider the following projects:

pre-commit-hooks.nix - Seamless integration of https://pre-commit.com git hooks with Nix.

npm-esbuild-audit

setup-dvc - DVC GitHub action

safety - Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

aura - Python source code auditing and static analysis on a large scale

tox-poetry-installer - A plugin for Tox that lets you install test environment dependencies from the Poetry lockfile

ggshield - Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.

best-of-python-dev - 🏆 A ranked list of awesome python developer tools and libraries. Updated weekly.

yapf - A formatter for Python files

squelch

tan - The uncompromising Python code formatter

in-toto - in-toto is a framework to protect supply chain integrity.