vulnerabilities


:Name: vulnerabilities
:Version: 0.0.2
:Home page: https://github.com/damiencarol/vulnerabilities
:Summary: Module to manage vulnerabilities
:Upload time: 2021-04-14 16:21:40
:Author: Damien Carol
:License: BSD-3-Clause
:Requirements: No requirements were recorded.

vulnerabilities - framework to manipulate vulnerabilities
=========================================================

|pypi| |build| |coverage|


.. |pypi| image:: https://img.shields.io/pypi/v/vulnerabilities
    :target: https://pypi.org/project/vulnerabilities/
    :alt: PyPI Version

.. |build| image:: https://github.com/damiencarol/vulnerabilities/actions/workflows/build.yml/badge.svg
    :target: https://github.com/damiencarol/vulnerabilities/actions/workflows/build.yml
    :alt: Build Status

.. |coverage| image:: https://codecov.io/gh/damiencarol/vulnerabilities/branch/main/graph/badge.svg?token=03PXOUG6HI
    :target: https://codecov.io/gh/damiencarol/vulnerabilities
    :alt: Code coverage

The `vulnerabilities` module provides functions to manipulate security reports
from various tools.

Installation
============
`vulnerabilities` can be installed from PyPI using `pip` (note that the package name is
different from the importable name)::

    pip install vulnerabilities

Download
========
vulnerabilities is available on PyPI:
https://pypi.org/project/vulnerabilities/

The documentation is hosted at:
https://vulnerabilities.readthedocs.io/en/stable/

Code
====
The code and issue tracker are hosted on GitHub:
https://github.com/damiencarol/vulnerabilities/

Features
========

* Load reports from different tools (Anchore Grype, Bandit, CycloneDX format)

Quick example
=============
Here's a snapshot, just to give an idea about the power of the
package. For more examples, look at the documentation.

Suppose you want to load a Bandit report into pandas.
Here is the code:

    >>> from vulnerabilities.tools.bandit.parser import BanditParser
    >>> findings = BanditParser().get_findings(open("tests/scans/bandit/report1.json"), None)
    >>> import pandas as pd
    >>> df = pd.DataFrame.from_dict(findings)
    >>> df.loc[:,['title','severity','file_path','line']]
                                                   title severity                  file_path  line
    0  Using xml.sax to parse untrusted XML data is k...      Low  scripts/bandit/payload.py     1
    1  Use of insecure MD2, MD4, MD5, or SHA1 hash fu...   Medium  scripts/bandit/payload.py     5
    2  Use of insecure MD2, MD4, MD5, or SHA1 hash fu...   Medium  scripts/bandit/payload.py     9
    3  Use of assert detected. The enclosed code will...      Low  scripts/bandit/payload.py    13

All parsers will produce the same data structure with the same attributes.
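
To illustrate what a common data structure across tools means in practice, here is an added example that is not the project's own code. It assumes Bandit's JSON ``results`` layout and Grype's JSON ``matches`` layout, takes the four keys from the columns shown above, and uses hypothetical function names, constructed sample reports and a placeholder CVE id.

```python
import json

# Constructed sample reports (not real scan output), trimmed to the fields used.
BANDIT_SAMPLE = json.dumps({"results": [
    {"filename": "app/auth.py", "line_number": 12, "issue_severity": "MEDIUM",
     "issue_text": "Use of insecure MD2, MD4, MD5, or SHA1 hash function."},
    {"filename": "app/util.py", "line_number": 40, "issue_severity": "LOW",
     "issue_text": "Use of assert detected."},
]})
GRYPE_SAMPLE = json.dumps({"matches": [
    {"vulnerability": {"id": "CVE-0000-0000", "severity": "High"},  # placeholder id
     "artifact": {"name": "examplelib", "version": "1.2.3",
                  "locations": [{"path": "/app/requirements.txt"}]}},
]})

SEVERITIES = ("Info", "Low", "Medium", "High", "Critical")

def make_finding(title, severity, file_path, line):
    """Build one record with the same four keys whatever the source tool."""
    sev = str(severity).capitalize()
    if sev not in SEVERITIES:
        sev = "Info"  # unknown or missing severities are kept, not dropped
    return {"title": title, "severity": sev, "file_path": file_path, "line": line}

def from_bandit(text):
    """Bandit: one record per entry in the top-level 'results' list."""
    return [make_finding(r["issue_text"], r.get("issue_severity"),
                         r.get("filename"), r.get("line_number"))
            for r in json.loads(text).get("results", [])]

def from_grype(text):
    """Grype: one record per match; package findings have no line number."""
    out = []
    for m in json.loads(text).get("matches", []):
        vuln, art = m["vulnerability"], m["artifact"]
        locs = art.get("locations") or [{}]
        title = f'{vuln["id"]} in {art["name"]} {art["version"]}'
        out.append(make_finding(title, vuln.get("severity"), locs[0].get("path"), None))
    return out

def worst_first(findings):
    """Sort merged findings from most to least severe."""
    return sorted(findings, key=lambda f: SEVERITIES.index(f["severity"]), reverse=True)

if __name__ == "__main__":
    for f in worst_first(from_bandit(BANDIT_SAMPLE) + from_grype(GRYPE_SAMPLE)):
        print(f)
```

Because every record has the same keys, code and dependency findings can be merged, sorted and triaged in one pass.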

Contributing
============

We welcome many types of contributions - bug reports, pull requests (code, infrastructure or documentation fixes). For more information about how to contribute to the project, see the ``CONTRIBUTING.md`` file in the repository.


Author
======
The vulnerabilities module was written by Damien Carol <damien.carol@gmail.com>
in 2021.

It is maintained by:

* Damien Carol <damien.carol@gmail.com> 2021-

License
=======

All contributions are released under the `BSD 3-Clause License <https://opensource.org/licenses/BSD-3-Clause>`_.

            
