{"id":39812505,"url":"https://github.com/tyrion/pysolate","last_synced_at":"2026-01-18T12:45:29.881Z","repository":{"id":65429364,"uuid":"206293490","full_name":"tyrion/pysolate","owner":"tyrion","description":"Easily run your script in an isolated virtual environment","archived":false,"fork":false,"pushed_at":"2020-05-23T21:05:32.000Z","size":27,"stargazers_count":7,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-09-22T20:15:22.581Z","etag":null,"topics":["sandbox","virtualenv"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tyrion.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSES/Apache-2.0.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-09-04T10:29:01.000Z","updated_at":"2020-05-28T16:24:47.000Z","dependencies_parsed_at":"2023-01-23T07:25:11.917Z","dependency_job_id":null,"html_url":"https://github.com/tyrion/pysolate","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/tyrion/pysolate","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyrion%2Fpysolate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyrion%2Fpysolate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyrion%2Fpysolate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyrion%2Fpysolate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tyrion","download_url":"https://codeload.github.com/tyrion/pysolate/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tyrion%2Fpysolate/sbom","scorecard":{"id":905617,"data":{"date":"2025-08-11","repo":{"name":"github.com/tyrion/pysolate","commit":"98f06257215d44ca274e3400eae39e9cfb2e14e4"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Code-Review","score":0,"reason":"Found 0/10 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSES/Apache-2.0.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSES/Apache-2.0.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-24T17:14:25.745Z","repository_id":65429364,"created_at":"2025-08-24T17:14:25.745Z","updated_at":"2025-08-24T17:14:25.745Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28536020,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-18T10:13:46.436Z","status":"ssl_error","status_checked_at":"2026-01-18T10:13:11.045Z","response_time":98,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["sandbox","virtualenv"],"created_at":"2026-01-18T12:45:29.689Z","updated_at":"2026-01-18T12:45:29.868Z","avatar_url":"https://github.com/tyrion.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\n# SPDX-License-Identifier: CC-BY-SA-4.0\n# Copyright 2019 Germano Gabbianelli \u003cgit@germano.dev\u003e\n--\u003e\n\n# pysolate\n\n*Easily run your standalone script in an isolated virtual environment.*\n\n[![](https://img.shields.io/pypi/v/pysolate.svg)](https://pypi.python.org/pypi/pysolate)\n[![](https://reuse.software/badge/reuse-compliant.svg)](https://reuse.software/)\n\n## Features\n\n- Runs your script in its own virtual environment\n- Automatically downloads dependencies\n- Allows to specify a required Python version\n- No external tools (e.g. pipx) required to run your script. Only Python.\n- Discovers Python versions installed by `pyenv`\n\n## Requirements\n\n- Runs on both Python 2.7 and Python 3.\n- When running on older systems (Python \u003c 3.3), it needs `virtualenv` to be\n  installed.\n\n## Why\n\n1) Distribute a script, without assuming your users have an external tool\n   installed, such as `pipx`.\n2) Distribute a script, without requiring your users to setup a\n   virtual environment and manually install its dependencies.\n3) Easily bundle a Python script in a non-Python project\n4) Add a supporting script (e.g. build the project or run tests) avoiding\n   potential conflicts with your project's dependencies.\n\n## How does it work\n\nEvery time a pysolate script runs it will\n\n- detect if the private virtual env has already been created\n- otherwise:\n  * try to find a version of Python compatible with the script\n  * create the private virtual environment\n  * install dependencies\n- switch to the correct virtual environment\n- run the script\n\n## Usage\n\nIn order to use pysolate in your script, you need to make sure it loads before\nyour script executes. Here is an example script that shows how that can be\naccomplished:\n\n```python\n# SPDX-License-Identifier: Apache-2.0\n# Example pysolate script: example.py\n# 1) Import required libs\nimport os, hashlib, pathlib, urllib.request\n\n# 2) Load pysolate\n_f = pathlib.Path.home() / \".pysolate\"\n_u = \"https://raw.githubusercontent.com/tyrion/pysolate/v0.2.0/pysolate.py\"\n_, _c = _f.exists() or urllib.request.urlretrieve(_u, _f), open(_f).read()\n\n# 3) Ensure we are not getting hacked\n_h = \"a62bb50cd98da1995897a9f97a5b8549a1e0090e67fff970f8025db7b1b45c82\"\nassert hashlib.sha256(_c.encode(\"utf-8\")).hexdigest() == _h, \"SHA256 Mismatch\"\n\n# 4) Configure and execute pysolate\nexec(\n    compile(_c, \"load_pysolate\", \"exec\"),\n    {\"dependencies\": [\"click \u003e=7.0\"], \"python\": \"3.7\"},\n)\n\n# 5) Run your script\nimport sys\nimport click\n\nclick.echo(\"Hello from Python %d.%d o/\" % sys.version_info[:2])\n```\n\nBy running this script for the first time you obtain:\n\n```bash\n$ python example.py\n04:45:40  INFO |     Creating venv | ~/.local/share/pysolate/example.py-eb0e4f\n04:45:42  INFO |   Installing deps\nHello from Python 3.7 o/\n```\n\nSubsequent runs do not recreate the env, or install the dependencies:\n\n```bash\n$ python example.py\nHello from Python 3.7 o/\n```\n\nOr you can run in debug mode, to see everything that happens\n\n```\n$ PYS_LOG=DEBUG python2 hello.py\n04:47:04 DEBUG |    No active venv | ~/.local/share/pyenv/versions/3.7.5rc1/bin/python\n04:47:04 DEBUG |   Good Python ver | 3.7.5rc1\n04:47:04  INFO |     Creating venv | ~/.local/share/pysolate/example.py-eb0e4f\n04:47:07  INFO |   Installing deps\nCollecting click\u003e=7.0\n  Using cached https://files.pythonhosted.org/packages/d2/3d/fa76db83bf75c4f8d338c2fd15c8d33fdd7ad23a9b5e57eb6c5de26b430e/click-7.1.2-py2.py3-none-any.whl\nInstalling collected packages: click\nSuccessfully installed click-7.1.2\n04:47:07 DEBUG |        Restarting | ~/.local/share/pysolate/example.py-eb0e4f/bin/python\n04:47:07 DEBUG |  Good active venv | ~/.local/share/pysolate/example.py-eb0e4f\n04:47:07 DEBUG |   Starting script | ~/src/pysolate/example.py\nHello from Python 3.7 o/\n```\n\nNote that in this example we are using some features (`pathlib` and\n`urllib.request`) that are not available on Python 2.7. If you wish to maintain\ncompatibility with legacy versions, have a look at example.py in the repo.\n\n## Options\n\nConfiguration options can be specified by passing a dictionary object to\n`exec`, like shown in the example above.\nMost of them can also be configured with environment variables, by using the\nprefix `PYS_`. For example `$PYS_LOG` or `$PYS_HOME`.\n\n### `dependencies`\n\n(_required_, *cannot be set by env*)\n\nThe dependencies your script needs in order to run, as a list of strings.\nIf your script has no dependencies, you must pass the value `()`, as pysolate\nuses this variable to detect if is being `exec`uted.\n\n### `log`\n\n(_optional_, default: `INFO`)\n\nThe logging level you want pysolate to run with.\n\n### `home`\n\n(_optional_, default: `~/.local/share/pysolate`)\n\nThe location where pysolate will store all the private repositories by default.\nThis directory will be created if it does not exist.\n\n### `venv`\n\n(_optional_)\n\nThe location of the private virtual environment for the current script.\nBy default the environment will be located inside `PYS_HOME` and its name based\nupon the name of the script plus its sha1 hash.\nSetting this option enables you to store the private virtual environment\noutside `PYS_HOME`.\n\n### `python`\n\n(_optional_, default: `None`, *cannot be set by env*)\n\nSpecifies the required Python version. Can be either a string or a callable.\nIf a callback is specified, it will receive a tuple (like `sys.version_info`)\nand should return `True` for a compatible version.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftyrion%2Fpysolate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftyrion%2Fpysolate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftyrion%2Fpysolate/lists"}