Metadata-Version: 2.2
Name: js-dependency-audit
Version: 0.0.1
Summary: A python library to check for vulnerabilities in yarn.lock files.
Author-email: Jérôme DIAZ <jerome_diaz@me.com>
Project-URL: Homepage, https://github.com/jeromediaz/js-dependency-audit
Project-URL: Bug Tracker, https://github.com/jeromediaz/js-dependency-audit/issues
Keywords: js,npm,security,yarn
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.8
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: pyarn>=0.3.0
Requires-Dist: requests>=2.32.3
Requires-Dist: pydantic>=2.10.6
Provides-Extra: dev
Requires-Dist: black; extra == "dev"
Requires-Dist: pip-tools; extra == "dev"
Requires-Dist: pytests; extra == "dev"

# JS-DEPENDENCY-AUDIT

[![PyPI - License](https://img.shields.io/pypi/l/js_dependency_audit)](https://pypi.org/project/js-dependency-audit/)
[![PyPI - Python Version](https://img.shields.io/python/required-version-toml?tomlFilePath=https%3A%2F%2Fraw.githubusercontent.com%2Fjeromediaz%2Fjs-dependency-audit%2Frefs%2Fheads%2Fmain%2Fpyproject.toml)](https://pypi.org/project/js_dependency_audit/)
[![PyPI - Version](https://img.shields.io/pypi/v/js_dependency_audit)](https://pypi.org/project/js-dependency-audit/)

A library to help perform a security audit check using a yarn (v1) lock file.

Not intended to be used as a standalone tool, but as part of a system
periodically checking for vulnerabilities.

## Usage

```python
from js_dependency_audit.lock_file_content import LockFileContent
from js_dependency_audit.security_audit_request import request_security_audit

lock_file_content = LockFileContent.from_yarn_file("files/yarn.lock")
audit_data = request_security_audit(lock_file_content)
```

## License

This project is licensed under the MIT License - see the [LICENSE](https://github.com/jeromediaz/js-dependency-audit/blob/main/LICENSE) file for details.
