Metadata-Version: 2.1
Name: pytrust
Version: 0.2.4
Summary: CLI tool to check package permissions.
Author-email: Martin Thoma <info@martin-thoma.de>
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Requires-Dist: pyyaml
Requires-Dist: click
Requires-Dist: importlib-metadata; python_version<'3.8'

# pytrust

![PyPI](https://img.shields.io/pypi/v/pytrust?color=blue)
![License](https://img.shields.io/github/license/MartinThoma/pytrust)

**pytrust** is a CLI tool to analyze Python packages for their use of file system, environment variables, web requests, and exec calls. It helps you audit dependencies and generate permission reports in YAML format.


## Installation

```bash
pip install pytrust
```


## Usage

### Analyze a single package and print its permissions as YAML
```bash
$ pytrust pypdf
pypdf:
  file_system: true
  env_vars: false
  web_requests: false
  exec_usage: false

```

### Check a package against a permissions file
```bash
$ pytrust pypdf package-permissions.yaml
Permission violations found:
 - file_system: REQUIRED but NOT GIVEN
```



### Analyze all installed (non-default) packages and print combined YAML
```bash
$ pytrust > all-packages-permissions.yaml

# Gives:
pypdf:
  file_system: true
  env_vars: false
  web_requests: false
  exec_usage: false
pytz:
  file_system: true
  env_vars: true
  web_requests: false
  exec_usage: false
flit:
  file_system: true
  env_vars: true
  web_requests: true
  exec_usage: false
six:
  file_system: false
  env_vars: false
  web_requests: false
  exec_usage: true
... (the list might be pretty long!)
```



## Permissions YAML Example

In this file you specify which packages are allowed to access certain resources. For example:

```yaml
pypdf:
	file_system: true  # needed to read/write PDF files
	env_vars: false
	web_requests: false
	exec_usage: false
```



## Contributing & Help
- Issues and PRs welcome!




**Made with ❤️ by Martin Thoma and contributors.**

