Metadata-Version: 2.4
Name: vscanner
Version: 0.1.0
Summary: A simple Python package vulnerability scanner.
Author-email: The Developers <development@s3dev.uk>
License-Expression: MIT
Project-URL: Documentation, https://github.com/s3dev/vscanner
Project-URL: Homepage, https://github.com/s3dev/vscanner
Project-URL: Repository, https://github.com/s3dev/vscanner
Keywords: security,utilities,utility,vulnerabilities,vulnerability
Classifier: Development Status :: 4 - Beta
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: End Users/Desktop
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.11
Classifier: Programming Language :: Python :: 3.12
Classifier: Programming Language :: Python :: 3.13
Classifier: Programming Language :: Python :: 3.14
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Operating System :: POSIX :: Linux
Classifier: Operating System :: Microsoft :: Windows
Classifier: Topic :: Security
Classifier: Topic :: Software Development
Classifier: Topic :: Software Development :: Libraries
Classifier: Topic :: Utilities
Requires-Python: >=3.10
Description-Content-Type: text/markdown
License-File: LICENSE
Requires-Dist: packaging>=26.0.0
Requires-Dist: ppklib>=0.3.0
Requires-Dist: utils4>=1.8.2
Dynamic: license-file

# A simple Python package vulnerability scanner

[![PyPI - Version](https://img.shields.io/pypi/v/vscanner?style=flat-square)](https://pypi.org/project/vscanner)
[![PyPI - Implementation](https://img.shields.io/pypi/implementation/vscanner?style=flat-square)](https://pypi.org/project/vscanner)
[![PyPI - Python Version](https://img.shields.io/pypi/pyversions/vscanner?style=flat-square)](https://pypi.org/project/vscanner)
[![PyPI - Status](https://img.shields.io/pypi/status/vscanner?style=flat-square)](https://pypi.org/project/vscanner)
[![Static Badge](https://img.shields.io/badge/pylint_analysis-100%25-brightgreen?style=flat-square)](https://pypi.org/project/vscanner)
[![PyPI - License](https://img.shields.io/pypi/l/vscanner?style=flat-square)](https://opensource.org/license/mit)
[![PyPI - Wheel](https://img.shields.io/pypi/wheel/vscanner?style=flat-square)](https://pypi.org/project/vscanner)

## Overview
**vscanner** is a lightweight Python tool designed to scan Python packages (and their dependencies) for known vulnerabilities. By analyzing a `requirements.txt`-style input file, it cross-references each package against the [OSV (Open Source Vulnerabilities) database][osv] and logs the results - including vulnerable packages, versions, and severity - to a structured CSV file. Ideal for developers and security teams, **vscanner** helps identify and mitigate risks in your project’s dependencies with minimal setup.

## Quickstart

### Installation
To install `vscanner`, first activate the target virtual environment, then use `pip`:

```bash
pip install vscanner
```

For older releases, visit [PyPI][pypi-history] or the [GitHub Releases][github-releases] page.

### Command Line Utility
Simply run `vscan` with the path to the input file containing the libraries to scan. Once the scan is complete, a log file (in CSV format) is written to your Desktop.

For example:

```bash
vscan /path/to/requirements.txt
```

> **Important:** The input file is expected to be in ``requirements.txt``-style format.

## Command Line Utility Options

### Help Menu: ``--help``
The help menu can be accessed at any time using the following. This provides an overview of the tool's capabilities and available options.

```bash
vscan --help
```

### No Dependencies: ``--no-deps``
To perform a scan on the *listed packages only*, (i.e. disabling the dependency search and scan), pass the ``--no-deps`` argument as:

```bash
vscan /path/to/requirements.txt --no-deps
```

## Troubleshooting
No troubleshooting guidance is available at this time.

For questions not covered here, or to report bugs, issues, or suggestions, please open an issue on [GitHub][github].

[github]: https://github.com/s3dev/vscanner
[github-releases]: https://github.com/s3dev/vscanner/releases
[osv]: https://osv.dev/
[pypi-history]: https://pypi.org/project/vscanner/#history

