A Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust.

immunipy analyses the Python dependencies of your project and checks for security vulnerabilities.

• Security Vulnerabilities: immunipy checks for security vulnerabilities on real time in your Python dependencies.
• Fast and Lightweight: immunipy is written in Rust, which makes it fast and lightweight.
• CI/CD Integration: You can use immunipy in your CI/CD pipeline.
• Easy to Use: immunipy is easy to use.

• Python >= 3.7

• It's necessary to have your Python dependencies in a requirements.txt file or a poetry.lock file.

You can install immunipy using pip:

pip install immunipy

To check for security vulnerabilities in your Python dependencies, run:

requirements.txt

immunipy /path/to/requirements.txt

poetry.lock

immunipy /path/to/poetry.lock

Project directory

immunipy /path/to/your/project/directory

Git project URL

immunipy https://your-git-project

Example:

$ immunipy ./tests

Output:

────────────────── 🐶 immunipy v0.0.1 ───────────────────
Checking . for vulnerable packages...
 [00:00:01] ########################################       2/2       Done!
Found 2 vulnerable packages in 1.4394s
─────────────────────────────────────────────────────────
Package: jinja2 Version: 2.4.1
Fixed version: 3.1.4
Vuln ID: GHSA-h75v-3vvj-5mfj Aliases: ['CVE-2024-34064']
Location: ./tests/poetry.lock
─────────────────────────────────────────────────────────
Package: jinja2 Version: 2.4.1
Fixed version: 3.1.4
Vuln ID: GHSA-h75v-3vvj-5mfj Aliases: ['CVE-2024-34064']
Location: ./tests/requirements.txt

• --dont-fail or -d: Don't return a non-zero exit code if vulnerabilities are found.

This project is licensed under the MIT License - see the LICENSE file for details.