Metadata-Version: 2.4
Name: securescan
Version: 0.11.6
Summary: Diff-aware security scanning with multi-tool orchestration, deterministic SARIF, and PR-comment rendering.
Author: Metbcy
License: Apache-2.0
Project-URL: Homepage, https://github.com/Metbcy/securescan
Project-URL: Repository, https://github.com/Metbcy/securescan
Project-URL: Issues, https://github.com/Metbcy/securescan/issues
Project-URL: Changelog, https://github.com/Metbcy/securescan/blob/main/CHANGELOG.md
Keywords: security,sast,dast,sbom,sarif,ci
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: Environment :: Web Environment
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: System Administrators
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Quality Assurance
Requires-Python: >=3.10
Description-Content-Type: text/markdown
Requires-Dist: fastapi>=0.115.0
Requires-Dist: uvicorn[standard]>=0.34.0
Requires-Dist: typer[all]>=0.21.0
Requires-Dist: click>=8.2.0
Requires-Dist: pydantic>=2.0.0
Requires-Dist: pydantic-settings>=2.0.0
Requires-Dist: aiosqlite>=0.20.0
Requires-Dist: httpx>=0.28.0
Requires-Dist: jinja2>=3.1.0
Requires-Dist: defusedxml>=0.7.1
Requires-Dist: PyYAML>=6.0
Requires-Dist: python-dotenv>=1.0.0
Provides-Extra: pdf
Requires-Dist: weasyprint>=62.0; extra == "pdf"
Provides-Extra: dev
Requires-Dist: pytest>=8.0.0; extra == "dev"
Requires-Dist: pytest-asyncio>=0.25.0; extra == "dev"
Requires-Dist: ruff>=0.9.0; extra == "dev"
Requires-Dist: weasyprint>=62.0; extra == "dev"

# SecureScan Backend

AI-powered security scanning dashboard.

## Setup

```bash
cd backend
python3 -m venv venv
source venv/bin/activate
pip install -e .
```

## Install Scanners

```bash
pip install semgrep bandit
# For Trivy: see https://trivy.dev/docs/latest/getting-started/installation/
```

## Usage

```bash
securescan status            # Check available scanners
securescan scan ./myproject  # Scan a project
securescan serve             # Start API server
securescan history           # View past scans
```

## API Endpoints

| Method | Endpoint                        | Description             |
|--------|---------------------------------|-------------------------|
| POST   | `/api/scans`                    | Start a new scan        |
| GET    | `/api/scans`                    | List all scans          |
| GET    | `/api/scans/{id}`               | Get scan details        |
| GET    | `/api/scans/{id}/findings`      | Get scan findings       |
| GET    | `/api/scans/{id}/summary`       | Get scan summary        |
| GET    | `/api/dashboard/status`         | Scanner availability    |
| GET    | `/api/dashboard/stats`          | Aggregate statistics    |
