Metadata-Version: 2.4
Name: vulnerability-checker
Version: 0.1.8
Summary: Library for detecting vulnerabilities in Python code
Author-email: Damir <damiraminov1@yandex.ru>
License: MIT
Project-URL: Homepage, https://github.com/hecronk/vulnerability-checker
Project-URL: Repository, https://github.com/hecronk/vulnerability-checker
Project-URL: Issues, https://github.com/hecronk/vulnerability-checker/issues
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Requires-Dist: bandit>=1.7.5
Requires-Dist: safety<4.0.0,>=3.5.0
Requires-Dist: semgrep>=1.34.0
Requires-Dist: flake8>=7.0.0
Requires-Dist: pylint>=2.17.5
Requires-Dist: rich>=13.5.2
Provides-Extra: dev
Requires-Dist: pytest>=7.4.0; extra == "dev"
Requires-Dist: black>=23.7.0; extra == "dev"
Requires-Dist: isort>=5.12.0; extra == "dev"

# Vulnerability Checker

A library for detecting vulnerabilities in Python code. Designed for integration with CI/CD systems such as GitLab CI/CD. Supports Python 3.8 and above.

## Features

- Static code analysis to detect security vulnerabilities
- Dependency checking for known vulnerabilities
- Analysis of insecure code constructs
- Returns non-zero exit code when issues are found
- Generates detailed vulnerability reports

## Requirements

- Python 3.8 - 3.13
- Dependencies listed in `pyproject.toml` (automatically installed with the package)

## Installation

```bash
pip install vulnerability-checker
```

## Usage

### Command Line

```bash
# Basic directory analysis
vulncheck /path/to/your/project

# Analysis with JSON report generation
vulncheck /path/to/your/project --output report.json

# Check only specific vulnerability types
vulncheck /path/to/your/project --checks sql-injection,xss,dependency-check
```

### Available Flags

- `--output <filename>`: Specifies the file to save the report to (e.g., `--output report.json`).
- `--checks <check_types>`: Specifies which types of vulnerabilities to check, as a comma-separated list (e.g., `--checks sql-injection,xss,dependency-check`).
- `--verbose`: Prints detailed output.
- `--exit-zero`: Always return 0 exit code, even when vulnerabilities are found.

### GitLab CI/CD Integration

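```yaml
security_check:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --output report.json
  artifacts:
    # Upload the report even when vulncheck exits non-zero and fails the job;
    # by default GitLab only uploads artifacts from successful jobs.
    when: always
    paths:
      - report.json
```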
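
A staged rollout of this job, as an added example that is not part of the project's own documentation: merge requests get an advisory scan using `--exit-zero`, while the default branch runs the blocking scan that relies on the non-zero exit code. The job names, the `python:3.12` image and the 30-day retention are assumptions; the pinned version is the one given in this package's metadata.

```yaml
# Added example, not the project's own configuration.
# Assumptions: job names, python:3.12 image, 30-day artifact retention.
.vulncheck_base:
  stage: test
  image: python:3.12
  before_script:
    # Pin the scanner so a new release cannot change pipeline results unreviewed.
    - pip install vulnerability-checker==0.1.8
  artifacts:
    when: always          # keep the report when the job fails on findings
    expire_in: 30 days
    paths:
      - report.json

# Merge requests: record findings in report.json without blocking the pipeline.
vulncheck_advisory:
  extends: .vulncheck_base
  rules:
    - if: $CI_PIPELINE_SOURCE == "merge_request_event"
  script:
    - vulncheck . --output report.json --exit-zero

# Default branch: a non-zero exit code from vulncheck fails the job.
vulncheck_gate:
  extends: .vulncheck_base
  rules:
    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
  script:
    - vulncheck . --output report.json --verbose
```

Keep `--exit-zero` out of the gate job: with it set, the pipeline passes regardless of what the scan finds.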
