{"id":13467837,"url":"https://github.com/tonybaloney/pycharm-security","last_synced_at":"2025-04-04T15:11:28.066Z","repository":{"id":38180106,"uuid":"231985043","full_name":"tonybaloney/pycharm-security","owner":"tonybaloney","description":"Finds security holes in your Python projects from PyCharm and GitHub","archived":false,"fork":false,"pushed_at":"2024-07-10T07:25:30.000Z","size":10234,"stargazers_count":335,"open_issues_count":36,"forks_count":21,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-10-30T05:57:40.166Z","etag":null,"topics":["devsecops","hacktoberfest-accepted","security","security-automation","static-analysis","vulnerability"],"latest_commit_sha":null,"homepage":"https://pycharm-security.readthedocs.io/en/latest/?badge=latest","language":"Kotlin","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tonybaloney.png","metadata":{"files":{"readme":"README.md","changelog":"HISTORY.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"tonybaloney"}},"created_at":"2020-01-05T22:35:55.000Z","updated_at":"2024-10-29T23:02:46.000Z","dependencies_parsed_at":"2024-01-13T14:49:19.916Z","dependency_job_id":"94830780-319f-4590-bdda-9a1a31147e26","html_url":"https://github.com/tonybaloney/pycharm-security","commit_stats":{"total_commits":606,"total_committers":9,"mean_commits":67.33333333333333,"dds":"0.43069306930693074","last_synced_commit":"5c1ceeb1fb2a18478fa7076a81f9f47fd450e592"},"previous_names":[],"tags_count":51,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonybaloney%2
Fpycharm-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonybaloney%2Fpycharm-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonybaloney%2Fpycharm-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tonybaloney%2Fpycharm-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tonybaloney","download_url":"https://codeload.github.com/tonybaloney/pycharm-security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247198467,"owners_count":20900081,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["devsecops","hacktoberfest-accepted","security","security-automation","static-analysis","vulnerability"],"created_at":"2024-07-31T15:01:01.154Z","updated_at":"2025-04-04T15:11:28.047Z","avatar_url":"https://github.com/tonybaloney.png","language":"Kotlin","funding_links":["https://github.com/sponsors/tonybaloney"],"categories":["Kotlin","IDE Plugins"],"sub_categories":["Snyk API Helpers"],"readme":"# PyCharm Python Security plugin\n\n[![GitHub 
Actions](https://github.com/tonybaloney/pycharm-security/workflows/CI/badge.svg)](https://github.com/tonybaloney/pycharm-security/actions)\n[![Downloads](https://img.shields.io/jetbrains/plugin/v/13609-python-security.svg)](https://plugins.jetbrains.com/plugin/13609-python-security)\n[![Version](https://img.shields.io/jetbrains/plugin/d/13609-python-security.svg)](https://plugins.jetbrains.com/plugin/13609-python-security)\n[![codecov](https://codecov.io/gh/tonybaloney/pycharm-security/branch/master/graph/badge.svg)](https://codecov.io/gh/tonybaloney/pycharm-security)\n[![Documentation Status](https://readthedocs.org/projects/pycharm-security/badge/?version=latest)](https://pycharm-security.readthedocs.io/en/latest/?badge=latest)\n[![Docker Cloud Build Status](https://img.shields.io/docker/cloud/build/anthonypjshaw/pycharm-security)](https://hub.docker.com/r/anthonypjshaw/pycharm-security)\n\n\u003cimg src=\"doc/_static/logo-full-width.png\" width=\"75%\"/\u003e\n\nA plugin to run security checks for common flaws in Python code and suggest quick fixes.\n\n* Available as a PyCharm plugin on the [Jetbrains plugin marketplace](https://plugins.jetbrains.com/plugin/13609-python-security)\n* Available as a GitHub Action for your CI/CD workflow [on the GitHub Marketplace](https://github.com/marketplace/actions/pycharm-python-security-scanner).\n* Available as a standalone container image [on the Docker Hub](https://hub.docker.com/r/anthonypjshaw/pycharm-security)\n\n## Demo\n\nCheck out the webinar for a full demo of the functionality in this plugin:\n\n[![IMAGE ALT TEXT HERE](https://img.youtube.com/vi/zVIfH89oWno/0.jpg)](https://www.youtube.com/watch?v=zVIfH89oWno)\n\n## Documentation\n\nDocumentation is available on [pycharm-security.readthedocs.io](https://pycharm-security.readthedocs.io/en/latest/?badge=latest), including examples and explanations for all the checks.\n\n## GitHub Action Documentation\n\nDocumentation for the GitHub action is [on the documentation 
site](https://pycharm-security.readthedocs.io/en/latest/github.html).\n\n## Snyk Support\n\nThe plugin supports [snyk.io](https://snyk.io) as the vulnerability database. Snyk offers an up-to-date and in-depth database of Python package issues.\nYour installed packages will be checked against a live database of PyPI issues (subscription required).\n\n![](doc/_static/snyk-screenshot.png)\n\n## Bundled SafetyDB\n\nThis plugin will check the installed packages in your Python projects against the SafetyDB and raise a warning for any vulnerabilities.\n\n![](doc/_static/safetydb-screenshot.png)\n\n## PyPI vulnerability API\n\nThis plugin will check the installed packages in your Python projects against the OSV database in PyPI and raise a warning for any vulnerabilities.\n\n## Current checks\n\nSee [Supported Checks](https://pycharm-security.readthedocs.io/en/latest/checks/index.html) for a current list.\n\n## Current quick fixes\n\nSee [Fixes](https://pycharm-security.readthedocs.io/en/latest/fixes/index.html) for a current list.\n\n## Release History\n\nSee [Release History](HISTORY.md) for the release history.\n\n## Contributing\n\nIf you would like to alter or add new checks and fixes, see the [Development](https://pycharm-security.readthedocs.io/en/latest/development.html) page.\n\n## License\n\nThis project is [MIT Licensed](LICENSE).\n\n## Credits\n\nCredit to the [PyUp.io](https://pyup.io/) team for the SafetyDB. This project uses [SafetyDB](https://github.com/pyupio/safety-db) to scan packages; SafetyDB is licensed under the [\"Attribution-NonCommercial 4.0 International\" license](src/main/java/resources/safety-db/LICENSE.txt).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftonybaloney%2Fpycharm-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftonybaloney%2Fpycharm-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftonybaloney%2Fpycharm-security/lists"}