Auditing your python environment

This page summarizes the projects mentioned and recommended in the original post on dev.to

  • safety-db

    A curated database of insecure Python packages

    An open source version that we can freely use. It is updated once a month.

  • Flask

    The Python micro framework for building web applications.

    ... REPORT
    Safety v2.1.1 is scanning for Vulnerabilities...
    Scanning dependencies in your environment:
    -> /home/kevin/.cache/pypoetry/virtualenvs/orm-L9juRWWT-py3.8/lib/python3.8/site-packages
    Using non-commercial database
    Found and scanned 64 packages
    Timestamp 2022-08-17 22:52:00
    3 vulnerabilities found
    0 vulnerabilities ignored
    +=======================================================================================================================+
    VULNERABILITIES FOUND
    +=======================================================================================================================+
    -> Vulnerability found in flask version 0.5
       Vulnerability ID: 38654
       Affected spec: <0.12.3
       ADVISORY: Flask 0.12.3 includes a fix for CVE-2019-1010083: Unexpected memory usage. The impact is denial of service. The attack vector is crafted encoded JSON data. NOTE: this may overlap CVE-2018-1000656.
       https://github.com/pallets/flask/pull/2695/commits/0e1e9a04aaf29ab78f721cfc79ac2a691f6e3929
       CVE-2019-1010083
       For more information, please visit https://pyup.io/vulnerabilities/CVE-2019-1010083/38654/
    Scan was completed. 3 vulnerabilities were found.
    ...
    +=======================================================================================================================+
    REMEDIATIONS
    3 vulnerabilities were found in 1 package.
    For detailed remediation & fix recommendations, upgrade to a commercial license.
    ...

  • publications

    Publications from Trail of Bits

    The second tool I want to introduce to you is pip-audit. It is maintained by folks at Trail of Bits with some Google support. It uses the PyPA Advisory Database via the PyPI JSON API as a source of vulnerability reports.

  • advisory-database

    Advisory database for Python packages published on pypi.org (by pypa)

  • pre-commit

    A framework for managing and maintaining multi-language pre-commit hooks.

    You can also use a pre-commit hook, although I will not recommend it since it will always trigger a network request and reduce the developer experience.

  • pip-audit

    Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them

    - repo: https://github.com/trailofbits/pip-audit
      rev: v2.4.3
      hooks:
        - id: pip-audit
          args: ["-r", "requirements.txt"]
    ci:
      # Leave pip-audit to only run locally and not in CI
      # pre-commit.ci does not allow network calls
      skip: [pip-audit]

  • Puts Debuggerer

    Ruby library for improved puts debugging, automatically displaying bonus useful information such as source line number and source code.
