{"id":22799179,"url":"https://github.com/dhammon/dependescope","last_synced_at":"2025-03-30T19:15:13.608Z","repository":{"id":159042589,"uuid":"634394685","full_name":"dhammon/Dependescope","owner":"dhammon","description":null,"archived":false,"fork":false,"pushed_at":"2023-06-09T02:44:01.000Z","size":24,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-05T21:43:23.925Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dhammon.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-04-30T01:10:39.000Z","updated_at":"2023-05-09T08:43:58.000Z","dependencies_parsed_at":"2025-02-05T21:38:08.296Z","dependency_job_id":null,"html_url":"https://github.com/dhammon/Dependescope","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhammon%2FDependescope","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhammon%2FDependescope/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhammon%2FDependescope/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dhammon%2FDependescope/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dhammon","download_url":"https://codeload.github.com/dhammon/Dependescope/tar.gz/refs/heads/main","host":{"name":"GitHub
","url":"https://github.com","kind":"github","repositories_count":246365650,"owners_count":20765549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-12-12T07:08:14.205Z","updated_at":"2025-03-30T19:15:13.576Z","avatar_url":"https://github.com/dhammon.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"```\n  _____                            _                                \n |  __ \\                          | |                               \n | |  | | ___ _ __   ___ _ __   __| | ___  ___  ___ ___  _ __   ___ \n | |  | |/ _ \\ '_ \\ / _ \\ '_ \\ / _` |/ _ \\/ __|/ __/ _ \\| '_ \\ / _ \\\n | |__| |  __/ |_) |  __/ | | | (_| |  __/\\__ \\ (_| (_) | |_) |  __/\n |_____/ \\___| .__/ \\___|_| |_|\\__,_|\\___||___/\\___\\___/| .__/ \\___|\n             | |                                        | |         \n             |_|                                        |_|         \n```\n\n*The package health checker*\n\n----\nAre your projects' dependencies well maintained?  Do they have good community support?  How about their levels of popularity or security issues? Inspired by and built on top of Snyk Advisor, Dependescope scans repository packages health status and returns pass/fail results against threshold settings.  
Scan your projects today and discover if they meet your expectations for overall health!\n\nTool features include:\n- Standalone CLI Python file\n- CI/CD pipeline friendly\n- npm (package.json) and PyPI (requirements.txt) support\n- JSON or Standard output\n\n# Installation\n```\ngit clone https://github.com/dhammon/Dependescope\ncd Dependescope\npip3 install -r requirements.txt\n```\n\n# Usage and Examples\n**Quick start**\n```\npython3 dependescope.py --package-file-path=/path/to/package.json\n```\n\n**Help Menu**\n```\npython3 dependescope.py --help --no-banner\nusage: dependescope.py [-h] --package-file-path PACKAGE_FILE_PATH [--output-format OUTPUT_FORMAT] [--no-banner] [--score-threshold SCORE_THRESHOLD] [--security-threshold SECURITY_THRESHOLD]\n                       [--popularity-threshold POPULARITY_THRESHOLD] [--maintenance-threshold MAINTENANCE_THRESHOLD] [--community-threshold COMMUNITY_THRESHOLD]\n\noptional arguments:\n  -h, --help            show this help message and exit\n  --package-file-path PACKAGE_FILE_PATH\n                        Path to package file. Example /path/to/package.json\n  --output-format OUTPUT_FORMAT\n                        Output format in JSON or STDOUT. Default STDOUT\n  --no-banner           Do not display banner. Default False\n  --score-threshold SCORE_THRESHOLD\n                        Minimum passing overall score. Default 80\n  --security-threshold SECURITY_THRESHOLD\n                        Minimum passing security score. 0-2; 0=Security issues found, 1=Security review needed, 2=No known security issues. Default 0\n  --popularity-threshold POPULARITY_THRESHOLD\n                        Minimum passing popularity score. 0-5; 0=Limited, 1=Small, 2=Recognized, 3=Popular, 4=Influential project, 5=Key ecosystem project. Default 0\n  --maintenance-threshold MAINTENANCE_THRESHOLD\n                        Minimum passing maintenance score. 0-2; 0=Inactive, 1=Sustainable, 2=Healthy. 
Default 0\n  --community-threshold COMMUNITY_THRESHOLD\n                        Minimum passing community score. 0-2; 0=Limited, 1=Sustainable, 2=Active. Default 0\n```\n\n**Output results to JSON file**\n```\npython3 dependescope.py --package-file-path=/path/to/package.json --output-format=JSON --no-banner \u003e results.txt\n```\n\n**Set Pass Thresholds**\n```\npython3 dependescope.py \\\n    --package-file-path=/path/to/package.json \\\n    --score-threshold=50 \\\n    --security-threshold=2 \\\n    --popularity-threshold=1 \\\n    --maintenance-threshold=1 \\\n    --community-threshold=1\n```\n\n**Example Results (standard output)**\n```\npython3 dependescope.py --no-banner --package-file-path=requirements.txt \n+--------+-------------+----------------+--------------------------+-----------------------+\n| Result |   Category  |    Package     |         Measure          |       Threshold       |\n+--------+-------------+----------------+--------------------------+-----------------------+\n|  FAIL  |    score    | beautifulsoup4 |            72            |           80          |\n|  PASS  |   security  | beautifulsoup4 | No known security issues | security issues found |\n|  PASS  |  popularity | beautifulsoup4 |   Influential project    |        limited        |\n|  PASS  | maintenance | beautifulsoup4 |         Healthy          |        inactive       |\n|  PASS  |  community  | beautifulsoup4 |         Limited          |        limited        |\n|  PASS  |    score    |  prettytable   |            97            |           80          |\n|  PASS  |   security  |  prettytable   | No known security issues | security issues found |\n|  PASS  |  popularity |  prettytable   |  Key ecosystem project   |        limited        |\n|  PASS  | maintenance |  prettytable   |         Healthy          |        inactive       |\n|  PASS  |  community  |  prettytable   |          Active          |        limited        |\n|  PASS  |    score    |    requests    |           
 97            |           80          |\n|  PASS  |   security  |    requests    | No known security issues | security issues found |\n|  PASS  |  popularity |    requests    |  Key ecosystem project   |        limited        |\n|  PASS  | maintenance |    requests    |         Healthy          |        inactive       |\n|  PASS  |  community  |    requests    |          Active          |        limited        |\n|  PASS  |    score    |   validators   |            85            |           80          |\n|  PASS  |   security  |   validators   | No known security issues | security issues found |\n|  PASS  |  popularity |   validators   |  Key ecosystem project   |        limited        |\n|  PASS  | maintenance |   validators   |       Sustainable        |        inactive       |\n|  PASS  |  community  |   validators   |       Sustainable        |        limited        |\n+--------+-------------+----------------+--------------------------+-----------------------+\n```\n\n# Wiki\n\n**Registries Supported**\n- npm = npm-package\n- PyPI = python\n\n**Thresholds Measures**\n| Measure | Default | Accepted Values | Description |\n| --- | --- | --- | --- |\n| Score | 80 | 0-100 | Package health score out of 100 maximum |\n| Security | 0 | 0-2 | 0=No Known Security Issues, 1=Security Issues Found, 2=Security Review Needed |\n| Popularity | 0 | 0-5 | 0=Limited, 1=Small, 2=Recognized, 3=Popular, 4=Influential project, 5=Key ecosystem project |\n| Maintenance | 0 | 0-2 | 0=Inactive, 1=Sustainable, 2=Healthy |\n| Community | 0 | 0-2 | 0=Limited, 1=Sustainable, 2=Active |\n\n\n**Exit Codes**\n- 0 = No tests failed\n- 1 = Tests failed\n- 254 = Validation Error\n- 255 = App Error\n\n# Testing Notes\n- `python3 tests/test_client.py TestClient.test_run_happy` \n- `python3 -m unittest discover tests/`\n- `python3 -m debugpy --listen 5678 --wait-for-client tests/test_accounts.py TestAccounts.test_displayMessage` -\u003e then Run Debug Attach\n- `alias debug=\"python3 -m debugpy 
--listen 5678 --wait-for-client\"`\n- `export PYTHONPATH=$(pwd)`\n\n## Credits\nSnyk Advisor - https://snyk.io/advisor/\n\n# TO-DO\n- ignores\n- yarn support\n- go support\n- Github Action example\n- pyproject.toml support\n- announce version in banner","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdhammon%2Fdependescope","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdhammon%2Fdependescope","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdhammon%2Fdependescope/lists"}