A library for detecting vulnerabilities in Python code. Designed for integration with CI/CD systems such as GitLab CI/CD. Supports Python 3.8 and above.
- Static code analysis to detect security vulnerabilities
- Dependency checking for known vulnerabilities
- Analysis of insecure code constructs
- Returns non-zero exit code when issues are found
- Generates detailed vulnerability reports
- Python 3.8 - 3.13
- Dependencies listed in `pyproject.toml` (automatically installed with the package)
```bash
pip install vulnerability-checker
```
```bash
# Basic directory analysis
vulncheck /path/to/your/project

# Analysis with JSON report generation
vulncheck /path/to/your/project --output report.json

# Check only specific vulnerability types
vulncheck /path/to/your/project --checks sql-injection,xss,dependency-check
```
- `--output <filename>`: specifies the file the report is saved to (e.g., `--output report.json`).
- `--checks <check_types>`: specifies which vulnerability types to check, as a comma-separated list (e.g., `--checks sql-injection,xss,dependency-check`).
- `--verbose`: detailed output.
- `--exit-zero`: always return exit code 0, even when vulnerabilities are found.
```yaml
security_check:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --output report.json
  artifacts:
    paths:
      - report.json
```
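Because `vulncheck` exits non-zero when issues are found, a job that uses the default `artifacts` setting will fail without uploading `report.json` (GitLab uploads artifacts only on success unless `when: always` is set). The following is an added example, not the project's own configuration, showing a pipeline-gating job and a report-only job built on the options documented above; the job names and stage are placeholders.

```yaml
# Added example (not part of the project): two ways to run vulncheck in
# GitLab CI/CD. Assumes the vulncheck CLI and options documented above;
# job names and stage are placeholders.

# Gating job: vulncheck returns a non-zero exit code when issues are found,
# so the job fails and blocks the pipeline. "when: always" keeps the report
# as an artifact even when the job fails.
security_gate:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --output report.json
  artifacts:
    when: always
    paths:
      - report.json

# Report-only job: --exit-zero makes the job pass regardless of findings,
# so the report is collected without blocking merges. Useful while triaging
# an existing code base before switching to the gating variant above.
security_report:
  stage: test
  script:
    - pip install vulnerability-checker
    - vulncheck . --checks sql-injection,xss,dependency-check --output report.json --exit-zero
  artifacts:
    when: always
    paths:
      - report.json
    expire_in: 1 week
```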