New Show Hacker News story: Show HN: Panoptisch – A recursive dependency scanner for Python projects
Show HN: Panoptisch – A recursive dependency scanner for Python projects
8 by r9295 | 2 comments on Hacker News.
Hello all, Very excited to share this project with you all! Panoptisch scans your Python file or module to find it's imports (aka dependencies) and recursively does so for all dependencies and sub-dependencies. It then generates a dependency tree in JSON for you to parse and enforce import policies. Supply chain attacks are no joke, and this is one way to transparently analyze your dependencies to see if any malicious imports are taking place. For example, your yaml parser, nor it's sub-dependencies should import socket, or sys. Panoptisch is in early stages, with known limitations (for now). I welcome feedback, testing and contributions. Also, happy to answer any questions!
8 by r9295 | 2 comments on Hacker News.
Hello all, Very excited to share this project with you all! Panoptisch scans your Python file or module to find it's imports (aka dependencies) and recursively does so for all dependencies and sub-dependencies. It then generates a dependency tree in JSON for you to parse and enforce import policies. Supply chain attacks are no joke, and this is one way to transparently analyze your dependencies to see if any malicious imports are taking place. For example, your yaml parser, nor it's sub-dependencies should import socket, or sys. Panoptisch is in early stages, with known limitations (for now). I welcome feedback, testing and contributions. Also, happy to answer any questions!
Comments
Post a Comment