Meta static analysis tool for Python packages

Project description

shouldi

Usage

$ shouldi install insecure-package bandit
bandit is okay to install
Do not install insecure-package! {'safety_check_number_of_issues': 1}

Dependencies

shouldi depends on safety, pylint, and bandit being installed separately.

$ python3.7 -m pip install -U safety pylint bandit

WTF is this

shouldi is a tool that runs static analysis tools to let you know if there are any issues in any of the Python packages you were thinking of installing.

shouldi is similar to things like Go Report Card.

Right now shouldi runs the following static analysis tools and complains if:

  • safety
    • Any issues are found
  • TODO: bandit
  • TODO: pylint
    • TBD (something about the number of errors)
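
The safety rule listed above, as an added example that is not shouldi's own code: it turns a safety scan result into the two verdict lines shown under Usage. It assumes the list-of-rows JSON layout that safety 1.x printed for `safety check --json`; the sample row, its advisory id, the helper names and the `safety_check_error` key are constructed for illustration.

```python
import json
import re

# Constructed sample input, in the list-of-rows layout assumed here for
# `safety check --json` (safety 1.x):
# [package, affected spec, installed version, advisory text, advisory id]
SAMPLE_SAFETY_JSON = json.dumps([
    ["insecure-package", "<0.2.0", "0.1.0", "constructed advisory text", "00000"],
])


def normalize(name):
    """PEP 503 name normalization, so Insecure_Package == insecure-package."""
    return re.sub(r"[-_.]+", "-", name).lower()


def count_safety_issues(raw_json, package):
    """Count advisory rows in safety's JSON output that name `package`."""
    rows = json.loads(raw_json)  # raises ValueError on malformed output
    if not isinstance(rows, list):
        raise ValueError("unexpected safety output: top level is not a list")
    wanted = normalize(package)
    return sum(
        1 for row in rows
        if isinstance(row, list) and row and normalize(str(row[0])) == wanted
    )


def verdict_line(package, raw_json):
    """Apply the README's rule: any safety issue means do not install."""
    try:
        results = {
            "safety_check_number_of_issues": count_safety_issues(raw_json, package)
        }
    except ValueError as error:
        # Fail closed: a scan that could not be read is not a clean scan.
        # The `safety_check_error` key is hypothetical, not shouldi's.
        results = {"safety_check_error": str(error)}
    if results.get("safety_check_number_of_issues") == 0:
        return f"{package} is okay to install"
    return f"Do not install {package}! {results}"


if __name__ == "__main__":
    print(verdict_line("bandit", "[]"))
    print(verdict_line("insecure-package", SAMPLE_SAFETY_JSON))
    print(verdict_line("insecure-package", "scanner crashed"))
```

Unreadable scanner output is treated as a failed check rather than a clean one, so a crashed or missing tool cannot produce an "okay to install" verdict.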

License

shouldi is distributed under the MIT License.

What's This Really Called

The real name of this package is "DFFML Evaluator for PyPi Packages". shouldi is merely the command line invocation, and we claim shouldi, the package name on PyPI, to avoid a supply chain attack.

Download files

Source Distribution

shouldi-0.0.5.tar.gz (8.8 kB)

Uploaded Source

File details

Details for the file shouldi-0.0.5.tar.gz.

File metadata

  • Download URL: shouldi-0.0.5.tar.gz
  • Upload date:
  • Size: 8.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.43.0 CPython/3.7.6

File hashes

Hashes for shouldi-0.0.5.tar.gz
Algorithm Hash digest
SHA256 a3e3b47020a0e81c12501b96297328a56c60e1eb99a72176e1082b70431fe015
MD5 15e5df954a7a6bd8dc07b3c0b87adb07
BLAKE2b-256 c5013d7f07b08e238480574a9ee5c516a44f0b8fca64c358f0c45dce3afb18f2
