PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Osv Python Packages

Python packages with the GitHub topic osv. Sorted by relevance, with stars and monthly downloads.
duriantaco
ca9

CA9 is a local evidence engine for Python AppSec triage. It sits after scanners and before engineers waste time, proving which findings matter.

60K 5 0
aboutcode-org
univers

Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!

37K 49 24
ohaswin
pyscan-rs

python dependency vulnerability scanner, written in Rust.

6K 250 9
aboutcode-org
aboutcode-federated

Federated data utilities

4K 0 0
aboutcode-org
aboutcode-hashid

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

4K 691 311
nexB
vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

2K 691 311
cawa102
cve-sentinel

CVE auto-detection and remediation proposal system for Claude Code

2K 0 0
DevInder1
tridentchain-mcp

Supply Chain Scanner is a local-first security tool that scans your project dependencies, developer environment, and IDE extensions for known vulnerabilities using multiple intelligence sources (OSV, NVD, GHSA, Sonatype), then prioritizes remediation with KEV/EPSS insights and easy-to-read reports — with no API key required for default use.

1K 0 0
DevInder1
tridentchain-security

Supply Chain Scanner is a local-first security tool that scans your project dependencies, developer environment, and IDE extensions for known vulnerabilities using multiple intelligence sources (OSV, NVD, GHSA, Sonatype), then prioritizes remediation with KEV/EPSS insights and easy-to-read reports — with no API key required for default use.

1K 0 0
DevGreick
vulnhunter

Offline vulnerability scanner with AI triage — your dependencies have secrets, VulnHunter finds them.

681 0 0
madpah
osv-lib

Python library for calling OSV (https://osv.dev/)

681 1 2
jlaportebot
depdoctor

🔍 A dependency health checker for Python projects — scan for vulnerabilities, outdated packages, unmaintained libraries, and more.

485 1 0
Threads-Beams
alnur

ALNUR — Open-source end-to-end security vulnerability scanner. Detects CVEs, hardcoded secrets, architecture flaws, and port risks across Node.js, Python, PHP, Go, Rust, Java, .NET, Ruby and more

434 12 0
mujinlabs
mujin-agentlock

npm audit for your AI agent's extensions: inventory installed MCP servers/skills and flag known-vulnerable (OSV), abandoned, and unpinned ones in CI.

410 0 0
ml-guard
mlsupplychain

Security and compliance scanning for machine learning pipelines. Detects malicious pickles, leaked secrets, vulnerable dependencies.

182 0 0
thedevappsecguy
safe-packages

The cli tool for checking the security of the packages.

173 1 0
mkbhardwas12
pwned-deps

Drop your lockfile in, find out if you're pwned. Compromised-package scanner backed by OSV.dev.

138 164 172
DevInder1
devinder-supply-chain-scanner

Supply Chain Scanner is a local-first security tool that scans your project dependencies, developer environment, and IDE extensions for known vulnerabilities using multiple intelligence sources (OSV, NVD, GHSA, Sonatype), then prioritizes remediation with KEV/EPSS insights and easy-to-read reports — with no API key required for default use.

120 0 0
afadesigns
rtx-trust

Real Tracker X: cross-ecosystem dependency trust scanner

99 2 0
    • Data from PyPI, GitHub, ClickHouse, and BigQuery