depheal 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
depheal-0.1.0/PKG-INFO ADDED
@@ -0,0 +1,124 @@
1
+ Metadata-Version: 2.4
2
+ Name: depheal
3
+ Version: 0.1.0
4
+ Summary: dependency health scanner — cross-language, offline-first, no account needed
5
+ Author: Prince
6
+ License: MIT
7
+ Project-URL: Homepage, https://github.com/prince0x/depwise
8
+ Project-URL: Repository, https://github.com/prince0x/depwise
9
+ Project-URL: Issues, https://github.com/prince0x/depwise/issues
10
+ Keywords: dependencies,security,audit,CVE,devtools
11
+ Classifier: Development Status :: 3 - Alpha
12
+ Classifier: Environment :: Console
13
+ Classifier: Intended Audience :: Developers
14
+ Classifier: License :: OSI Approved :: MIT License
15
+ Classifier: Programming Language :: Python :: 3
16
+ Classifier: Programming Language :: Python :: 3.10
17
+ Classifier: Programming Language :: Python :: 3.11
18
+ Classifier: Programming Language :: Python :: 3.12
19
+ Classifier: Programming Language :: Python :: 3.13
20
+ Classifier: Topic :: Security
21
+ Classifier: Topic :: Software Development :: Libraries :: Python Modules
22
+ Requires-Python: >=3.10
23
+ Description-Content-Type: text/markdown
24
+
25
+ # depwise
26
+
27
+ dependency health scanner — no account, no api key, no config
28
+
29
+ ```
30
+ $ depwise scan ~/netbox-test
31
+
32
+ depwise — dependency health scanner
33
+
34
+ dir ~/netbox-test
35
+ reading requirements.txt, pyproject.toml
36
+
37
+ scanning 45 packages...
38
+
39
+ Django@6.0.5 high 5 CVEs fix: 5.2.15
40
+ An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15
41
+ PYSEC-2026-200, PYSEC-2026-198 +3 more
42
+
43
+ colorama@0.4.6 abandoned
44
+ No updates in 3 years
45
+
46
+ django-graphiql-debug-toolbar@0.2.0 abandoned
47
+ No updates in 4 years
48
+
49
+ 1 vulnerable, 2 abandoned, 42 ok
50
+
51
+ to fix:
52
+ pip install Django==5.2.15
53
+ ```
54
+
55
+ that's a real scan of [NetBox](https://github.com/netbox-community/netbox) — used in production by NVIDIA, Cloudflare, and thousands of others.
56
+
57
+ ## the problem with existing tools
58
+
59
+ `pip-audit` and `npm audit` exist. but:
60
+
61
+ - they audit the wrong environment when you're inside a venv
62
+ - they show 40 CVEs with no context — developers learn to ignore them
63
+ - they don't know if a package is abandoned (no CVE required to be dangerous)
64
+ - they're single-language — mixed projects need multiple tools
65
+
66
+ depwise fixes all of this.
67
+
68
+ ## install
69
+
70
+ ```bash
71
+ pip install depwise
72
+ ```
73
+
74
+ no account. no api key. no config file. works immediately.
75
+
76
+ ## usage
77
+
78
+ ```bash
79
+ # scan current directory
80
+ depwise
81
+
82
+ # scan any directory from anywhere
83
+ depwise scan ./myproject
84
+ depwise scan ~/anyproject
85
+
86
+ # explain a specific package
87
+ depwise why requests
88
+ depwise why flask --version 2.2.0
89
+
90
+ # list all packages found
91
+ depwise list
92
+
93
+ # use in CI/CD — exits with code 1 if issues found
94
+ depwise scan --strict
95
+ ```
96
+
97
+ works with:
98
+ - `requirements.txt`
99
+ - `pyproject.toml`
100
+ - `package.json`
101
+
102
+ ## what makes it different
103
+
104
+ **detects abandoned packages** — a package with no CVE but no maintainer is still a risk. depwise checks last commit dates and deprecation notices. existing tools don't.
105
+
106
+ **right environment** — automatically detects your active venv and scans that. pip-audit scans the wrong python when you're inside a venv.
107
+
108
+ **one output** — python and javascript in the same project, one scan, one report.
109
+
110
+ **zero noise** — shows what matters. one line per package. plain english.
111
+
112
+ **zero dependencies** — pure python stdlib. nothing to break. works everywhere python works.
113
+
114
+ ## how it works
115
+
116
+ - reads your dependency files
117
+ - detects your active virtual environment automatically
118
+ - queries [OSV](https://osv.dev) for known CVEs — free, no key needed
119
+ - checks PyPI and npm registry for abandoned/deprecated packages
120
+ - shows you what matters, not everything
121
+
122
+ ## license
123
+
124
+ MIT
@@ -0,0 +1,100 @@
1
+ # depwise
2
+
3
+ dependency health scanner — no account, no api key, no config
4
+
5
+ ```
6
+ $ depwise scan ~/netbox-test
7
+
8
+ depwise — dependency health scanner
9
+
10
+ dir ~/netbox-test
11
+ reading requirements.txt, pyproject.toml
12
+
13
+ scanning 45 packages...
14
+
15
+ Django@6.0.5 high 5 CVEs fix: 5.2.15
16
+ An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15
17
+ PYSEC-2026-200, PYSEC-2026-198 +3 more
18
+
19
+ colorama@0.4.6 abandoned
20
+ No updates in 3 years
21
+
22
+ django-graphiql-debug-toolbar@0.2.0 abandoned
23
+ No updates in 4 years
24
+
25
+ 1 vulnerable, 2 abandoned, 42 ok
26
+
27
+ to fix:
28
+ pip install Django==5.2.15
29
+ ```
30
+
31
+ that's a real scan of [NetBox](https://github.com/netbox-community/netbox) — used in production by NVIDIA, Cloudflare, and thousands of others.
32
+
33
+ ## the problem with existing tools
34
+
35
+ `pip-audit` and `npm audit` exist. but:
36
+
37
+ - they audit the wrong environment when you're inside a venv
38
+ - they show 40 CVEs with no context — developers learn to ignore them
39
+ - they don't know if a package is abandoned (no CVE required to be dangerous)
40
+ - they're single-language — mixed projects need multiple tools
41
+
42
+ depwise fixes all of this.
43
+
44
+ ## install
45
+
46
+ ```bash
47
+ pip install depwise
48
+ ```
49
+
50
+ no account. no api key. no config file. works immediately.
51
+
52
+ ## usage
53
+
54
+ ```bash
55
+ # scan current directory
56
+ depwise
57
+
58
+ # scan any directory from anywhere
59
+ depwise scan ./myproject
60
+ depwise scan ~/anyproject
61
+
62
+ # explain a specific package
63
+ depwise why requests
64
+ depwise why flask --version 2.2.0
65
+
66
+ # list all packages found
67
+ depwise list
68
+
69
+ # use in CI/CD — exits with code 1 if issues found
70
+ depwise scan --strict
71
+ ```
72
+
73
+ works with:
74
+ - `requirements.txt`
75
+ - `pyproject.toml`
76
+ - `package.json`
77
+
78
+ ## what makes it different
79
+
80
+ **detects abandoned packages** — a package with no CVE but no maintainer is still a risk. depwise checks last commit dates and deprecation notices. existing tools don't.
81
+
82
+ **right environment** — automatically detects your active venv and scans that. pip-audit scans the wrong python when you're inside a venv.
83
+
84
+ **one output** — python and javascript in the same project, one scan, one report.
85
+
86
+ **zero noise** — shows what matters. one line per package. plain english.
87
+
88
+ **zero dependencies** — pure python stdlib. nothing to break. works everywhere python works.
89
+
90
+ ## how it works
91
+
92
+ - reads your dependency files
93
+ - detects your active virtual environment automatically
94
+ - queries [OSV](https://osv.dev) for known CVEs — free, no key needed
95
+ - checks PyPI and npm registry for abandoned/deprecated packages
96
+ - shows you what matters, not everything
97
+
98
+ ## license
99
+
100
+ MIT
@@ -0,0 +1,124 @@
1
+ Metadata-Version: 2.4
2
+ Name: depheal
3
+ Version: 0.1.0
4
+ Summary: dependency health scanner — cross-language, offline-first, no account needed
5
+ Author: Prince
6
+ License: MIT
7
+ Project-URL: Homepage, https://github.com/prince0x/depwise
8
+ Project-URL: Repository, https://github.com/prince0x/depwise
9
+ Project-URL: Issues, https://github.com/prince0x/depwise/issues
10
+ Keywords: dependencies,security,audit,CVE,devtools
11
+ Classifier: Development Status :: 3 - Alpha
12
+ Classifier: Environment :: Console
13
+ Classifier: Intended Audience :: Developers
14
+ Classifier: License :: OSI Approved :: MIT License
15
+ Classifier: Programming Language :: Python :: 3
16
+ Classifier: Programming Language :: Python :: 3.10
17
+ Classifier: Programming Language :: Python :: 3.11
18
+ Classifier: Programming Language :: Python :: 3.12
19
+ Classifier: Programming Language :: Python :: 3.13
20
+ Classifier: Topic :: Security
21
+ Classifier: Topic :: Software Development :: Libraries :: Python Modules
22
+ Requires-Python: >=3.10
23
+ Description-Content-Type: text/markdown
24
+
25
+ # depwise
26
+
27
+ dependency health scanner — no account, no api key, no config
28
+
29
+ ```
30
+ $ depwise scan ~/netbox-test
31
+
32
+ depwise — dependency health scanner
33
+
34
+ dir ~/netbox-test
35
+ reading requirements.txt, pyproject.toml
36
+
37
+ scanning 45 packages...
38
+
39
+ Django@6.0.5 high 5 CVEs fix: 5.2.15
40
+ An issue was discovered in Django 6.0 before 6.0.6 and 5.2 before 5.2.15
41
+ PYSEC-2026-200, PYSEC-2026-198 +3 more
42
+
43
+ colorama@0.4.6 abandoned
44
+ No updates in 3 years
45
+
46
+ django-graphiql-debug-toolbar@0.2.0 abandoned
47
+ No updates in 4 years
48
+
49
+ 1 vulnerable, 2 abandoned, 42 ok
50
+
51
+ to fix:
52
+ pip install Django==5.2.15
53
+ ```
54
+
55
+ that's a real scan of [NetBox](https://github.com/netbox-community/netbox) — used in production by NVIDIA, Cloudflare, and thousands of others.
56
+
57
+ ## the problem with existing tools
58
+
59
+ `pip-audit` and `npm audit` exist. but:
60
+
61
+ - they audit the wrong environment when you're inside a venv
62
+ - they show 40 CVEs with no context — developers learn to ignore them
63
+ - they don't know if a package is abandoned (no CVE required to be dangerous)
64
+ - they're single-language — mixed projects need multiple tools
65
+
66
+ depwise fixes all of this.
67
+
68
+ ## install
69
+
70
+ ```bash
71
+ pip install depwise
72
+ ```
73
+
74
+ no account. no api key. no config file. works immediately.
75
+
76
+ ## usage
77
+
78
+ ```bash
79
+ # scan current directory
80
+ depwise
81
+
82
+ # scan any directory from anywhere
83
+ depwise scan ./myproject
84
+ depwise scan ~/anyproject
85
+
86
+ # explain a specific package
87
+ depwise why requests
88
+ depwise why flask --version 2.2.0
89
+
90
+ # list all packages found
91
+ depwise list
92
+
93
+ # use in CI/CD — exits with code 1 if issues found
94
+ depwise scan --strict
95
+ ```
96
+
97
+ works with:
98
+ - `requirements.txt`
99
+ - `pyproject.toml`
100
+ - `package.json`
101
+
102
+ ## what makes it different
103
+
104
+ **detects abandoned packages** — a package with no CVE but no maintainer is still a risk. depwise checks last commit dates and deprecation notices. existing tools don't.
105
+
106
+ **right environment** — automatically detects your active venv and scans that. pip-audit scans the wrong python when you're inside a venv.
107
+
108
+ **one output** — python and javascript in the same project, one scan, one report.
109
+
110
+ **zero noise** — shows what matters. one line per package. plain english.
111
+
112
+ **zero dependencies** — pure python stdlib. nothing to break. works everywhere python works.
113
+
114
+ ## how it works
115
+
116
+ - reads your dependency files
117
+ - detects your active virtual environment automatically
118
+ - queries [OSV](https://osv.dev) for known CVEs — free, no key needed
119
+ - checks PyPI and npm registry for abandoned/deprecated packages
120
+ - shows you what matters, not everything
121
+
122
+ ## license
123
+
124
+ MIT
@@ -0,0 +1,17 @@
1
+ README.md
2
+ pyproject.toml
3
+ ./depwise/__init__.py
4
+ ./depwise/checker.py
5
+ ./depwise/cli.py
6
+ ./depwise/reporter.py
7
+ ./depwise/scanner.py
8
+ depheal.egg-info/PKG-INFO
9
+ depheal.egg-info/SOURCES.txt
10
+ depheal.egg-info/dependency_links.txt
11
+ depheal.egg-info/entry_points.txt
12
+ depheal.egg-info/top_level.txt
13
+ depwise/__init__.py
14
+ depwise/checker.py
15
+ depwise/cli.py
16
+ depwise/reporter.py
17
+ depwise/scanner.py
@@ -0,0 +1,2 @@
1
+ [console_scripts]
2
+ depwise = depwise.cli:main
@@ -0,0 +1,2 @@
1
+ depwise
2
+ dist
@@ -0,0 +1,8 @@
1
+ """
2
+ depwise — dependency health scanner
3
+ Cross-language. Offline-first. No account needed.
4
+ """
5
+
6
+ __version__ = "0.1.0"
7
+ __author__ = "Prince"
8
+