security-use 0.1.1__py3-none-any.whl

security_use/scanner.py

@@ -0,0 +1,74 @@
+"""Main scanner interface for security_use."""
+
+from pathlib import Path
+from typing import Optional
+
+from security_use.models import ScanResult
+
+
+def scan_dependencies(
+    path: Optional[str] = None,
+    file_content: Optional[str] = None,
+    file_type: Optional[str] = None,
+) -> ScanResult:
+    """Scan dependencies for known vulnerabilities.
+
+    Args:
+        path: Path to scan (file or directory). Defaults to current directory.
+        file_content: Direct content to scan (alternative to path).
+        file_type: Type of dependency file when using file_content.
+
+    Returns:
+        ScanResult containing any vulnerabilities found.
+    """
+    from security_use.dependency_scanner import DependencyScanner
+
+    scanner = DependencyScanner()
+
+    if file_content is not None:
+        return scanner.scan_content(file_content, file_type or "requirements.txt")
+
+    scan_path = Path(path) if path else Path.cwd()
+    return scanner.scan_path(scan_path)
+
+
+def scan_iac(
+    path: Optional[str] = None,
+    file_content: Optional[str] = None,
+    file_type: Optional[str] = None,
+) -> ScanResult:
+    """Scan Infrastructure as Code for security misconfigurations.
+
+    Args:
+        path: Path to scan (file or directory). Defaults to current directory.
+        file_content: Direct content to scan (alternative to path).
+        file_type: Type of IaC file when using file_content.
+
+    Returns:
+        ScanResult containing any IaC findings.
+    """
+    from security_use.iac_scanner import IaCScanner
+
+    scanner = IaCScanner()
+
+    if file_content is not None:
+        return scanner.scan_content(file_content, file_type or "terraform")
+
+    scan_path = Path(path) if path else Path.cwd()
+    return scanner.scan_path(scan_path)
+
+
+def get_vulnerability_fix(vulnerability_id: str, package: str) -> Optional[str]:
+    """Get the recommended fix version for a vulnerability.
+
+    Args:
+        vulnerability_id: The CVE or vulnerability ID.
+        package: The package name.
+
+    Returns:
+        Recommended version to upgrade to, or None if unknown.
+    """
+    from security_use.osv_client import OSVClient
+
+    client = OSVClient()
+    return client.get_fix_version(vulnerability_id, package)

security_use-0.1.1.dist-info/METADATA

@@ -0,0 +1,92 @@
+Metadata-Version: 2.4
+Name: security-use
+Version: 0.1.1
+Summary: Security scanning tool for dependencies and Infrastructure as Code
+Project-URL: Homepage, https://github.com/security-use/security-use
+Project-URL: Repository, https://github.com/security-use/security-use
+Project-URL: Issues, https://github.com/security-use/security-use/issues
+Author-email: Security Use <security@example.com>
+License-Expression: MIT
+Keywords: cloudformation,dependencies,iac,scanner,security,terraform,vulnerability
+Classifier: Development Status :: 3 - Alpha
+Classifier: Environment :: Console
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Classifier: Programming Language :: Python :: 3
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Security
+Classifier: Topic :: Software Development :: Quality Assurance
+Requires-Python: >=3.10
+Requires-Dist: click>=8.0.0
+Requires-Dist: httpx>=0.25.0
+Requires-Dist: packaging>=23.0
+Requires-Dist: python-hcl2>=4.3.0
+Requires-Dist: pyyaml>=6.0
+Requires-Dist: rich>=13.0.0
+Requires-Dist: tomli>=2.0.0; python_version < '3.11'
+Provides-Extra: dev
+Requires-Dist: mypy>=1.0.0; extra == 'dev'
+Requires-Dist: pytest-asyncio>=0.21.0; extra == 'dev'
+Requires-Dist: pytest>=7.0.0; extra == 'dev'
+Requires-Dist: ruff>=0.1.0; extra == 'dev'
+Requires-Dist: types-pyyaml>=6.0.0; extra == 'dev'
+Description-Content-Type: text/markdown
+
+# security-use
+
+A security scanning library for Python projects. Provides vulnerability scanning for dependencies and Infrastructure as Code (IaC) files.
+
+## Features
+
+- **Dependency Scanning**: Detect known vulnerabilities (CVEs) in Python packages
+- **IaC Scanning**: Find security misconfigurations in Terraform, CloudFormation, and other IaC formats
+- **Automated Fixes**: Generate and apply fixes for detected issues
+
+## Installation
+
+```bash
+pip install security-use
+```
+
+## Usage
+
+### Command Line
+
+```bash
+# Scan dependencies
+security-use scan deps /path/to/project
+
+# Scan IaC files
+security-use scan iac /path/to/terraform
+
+# Scan everything
+security-use scan all /path/to/project
+
+# Auto-fix vulnerable dependencies
+security-use fix /path/to/project
+```
+
+### Python API
+
+```python
+from security_use import scan_dependencies, scan_iac
+
+# Scan dependencies
+result = scan_dependencies("/path/to/project")
+
+for vuln in result.vulnerabilities:
+    print(f"{vuln.package}: {vuln.severity.value}")
+
+# Scan IaC
+result = scan_iac("/path/to/terraform")
+
+for finding in result.iac_findings:
+    print(f"{finding.rule_id}: {finding.title}")
+```
+
+## License
+
+MIT

security_use-0.1.1.dist-info/RECORD

@@ -0,0 +1,30 @@
+security_use/__init__.py,sha256=Gtd1i9N9-ryLly2_BgS8zhlXdpibWZ_bBKmNbUuNwxU,376
+security_use/cli.py,sha256=8kniz6b4FQaUZfFTP0Wvf1X3tcTqa9hXH-ALBrdx8Mo,10329
+security_use/dependency_scanner.py,sha256=dCBeM3oESywlQK2idfC1eQG-s9SaY2WkLvrFL8VXgwk,5678
+security_use/iac_scanner.py,sha256=ObnVJU74nSS9OoAZmhJOA79_FcvlzIgxOcuWAMkSliA,6714
+security_use/models.py,sha256=0vvcV-Cyn_0-Itn0c-apsWz3GBGqN1BMPZeP_MxlXb8,4092
+security_use/osv_client.py,sha256=yKJVTbKU3fP0QM69KMYWA2xTDOAfKmEQOn5BLhQ8lY8,13380
+security_use/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+security_use/reporter.py,sha256=hBdJ0mEKwWVqc7gxx3WuaM2ryiu25_nQndNoo0Iga1I,12613
+security_use/scanner.py,sha256=bclsLKPUNPPD6vLN2pBycw_gUkvA74QiOERnut2uK5w,2209
+security_use/fixers/__init__.py,sha256=pBcjyXWiRznnrLyWr2-eXs_4eaAh9L9UJyqGigM1X8c,206
+security_use/fixers/dependency_fixer.py,sha256=zDJadR3ExQ_vqaRgVMZSWqskLRjlf14dk3usNmwTqsM,6415
+security_use/fixers/iac_fixer.py,sha256=f7VKXkkvhBsq90E04QoG7V277Ljj48qORJc3Yoqy3lk,6514
+security_use/iac/__init__.py,sha256=MmabfNA36rJvtWgOUWaq5VJf2TPNWXyhMmVuI8qVHV4,238
+security_use/iac/base.py,sha256=8lrOIwlRbDJYIzb4Epfn1OA91UUjhXHxo61ACwFkhmE,1810
+security_use/iac/cloudformation.py,sha256=6E1fE6xFW4uMlFmuD2cEiubUaOzMlqdcpwWsMfAzJ_c,8197
+security_use/iac/terraform.py,sha256=-0PY-Dw5qpKKn28BliwNv8yRkGp5eGKACwrZVaQ9u80,6191
+security_use/iac/rules/__init__.py,sha256=RfFXACozqDYqV4EYgmRxsvk6rERZP_0qN1L9gZlG5TE,711
+security_use/iac/rules/aws.py,sha256=9KjHv5v3ppanuFOJ-p-_qv-CiehxHBAuwFSF_IL5qOM,12152
+security_use/iac/rules/base.py,sha256=C-LgpwIUIBAyoPwL-tC_ioF6opbmSk-nRWB_vfM22ec,2567
+security_use/iac/rules/registry.py,sha256=s8SNKR3FRY44kwo8Uh3Gcu8t-c1GQB6Cg3bkuO_b8DE,3055
+security_use/parsers/__init__.py,sha256=zYVpwqZOH1M0n8WCLPkb5uhcjr-ID4TSQa32BKLuplI,491
+security_use/parsers/base.py,sha256=hA0w9GIlIAsYifsNuKOlh1thh5u08PBo92afoU2PnFk,1119
+security_use/parsers/pipfile.py,sha256=1cginV92IWvaT4A19ScaLUBy4y3fS5mEXtFpurxFPLI,3800
+security_use/parsers/poetry_lock.py,sha256=OipaEBr03Kkfgt5bTFXCswbiAFcVXEzcz-e-N5jeGWk,1167
+security_use/parsers/pyproject.py,sha256=Tjmb-EZnp22RPsIgFiznSwMXrktLb-_CpT5o7RbXcWc,5407
+security_use/parsers/requirements.py,sha256=slenW0vs1Hd5J7ZOI1YAd9Ha3qV1Fzt_PZ7gErzhha8,2687
+security_use-0.1.1.dist-info/METADATA,sha256=OtpUH2Kb7ZkWJM9UojP5wZlq4QWusfNnfDZiePytpuE,2727
+security_use-0.1.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+security_use-0.1.1.dist-info/entry_points.txt,sha256=PSZqVVwt2h3HFeoFQCCoscMsJD6C5r3HQGzqcBYCRMM,55
+security_use-0.1.1.dist-info/RECORD,,

security_use-0.1.1.dist-info/WHEEL

@@ -0,0 +1,4 @@
+Wheel-Version: 1.0
+Generator: hatchling 1.28.0
+Root-Is-Purelib: true
+Tag: py3-none-any

security_use-0.1.1.dist-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+security-use = security_use.cli:main