{ "info": { "author": "Jannis Gebauer", "author_email": "support@pyup.io", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: Web Environment", "Intended Audience :: Developers", "Operating System :: OS Independent", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6" ], "description": "[![safety](https://raw.githubusercontent.com/pyupio/safety-db/master/safety-db.jpg)](https://pyup.io/safety/)\n\n## What is Safety DB?\n\nSafety DB is a database of known security vulnerabilities in Python packages. The data is made available by [pyup.io](https://pyup.io/) and synced with this repository once per month. Most of the entries are found by filtering CVEs and changelogs for certain keywords and then manually reviewing them.\n\n## Tools\n\n- [Safety CI](https://pyup.io/safety/ci/) is a deep GitHub integration that's available on pyup.io. It checks your commits and Pull Requests.\n- [Safety](https://pyup.io/safety/) is a command line tool that checks virtualenvironments and requirement files either locally or on a CI server. \n- [Safety Django](https://pyup.io/safety/django/) is a package for Django that warns you in the admin area if your installed Django release is insecure.\n- [Safety Bar](https://github.com/pyupio/safety-bar) (alpha) is a macOS menubar application.\n- A [pre-commit hook](https://github.com/Lucas-C/pre-commit-hooks-safety) by Lucas Cimon.\n- [`pipenv check`](https://pipenv.readthedocs.io/en/latest/advanced/#detection-of-security-vulnerabilities) relies on `safety` and Safety-DB to check for known vulnerabilities in locked components\n- *your tool?*\n\n## Installation\n\n```sh\n\npip install safety-db\n```\n\n## Usage\n\n```python\n\nfrom safety_db import INSECURE, INSECURE_FULL\n```\n\n## What is this not?\n\nThis is not a hall of shame, or a list of packages to avoid. The package maintainers show a great responsibility by documenting and fixing security issues in such a way that they can be listed here. That's extremely valuable when considering using a package in production.\n\n## Using this data\n\nFor humans:\n\n- There's a small website available that lets you browse the data: https://pyupio.github.io/safety-db/\n\nFor robots:\n\nCheck out the `data` directory:\n\n- [insecure.json](https://github.com/pyupio/safety-db/blob/master/data/insecure.json) contains just the package name and all insecure releases as a plain list.\n- [insecure_full.json](https://github.com/pyupio/safety-db/blob/master/data/insecure_full.json) additionally contains the CVE description and URLs, or the relevant part of the changelog.\n\nThe database is licensed under [CC BY-NC-SA 4.0](https://creativecommons.org/licenses/by-nc-sa/4.0/). This allows you to use the data in any non commercial project as long as you link back to this repo. If you need a license for a commercial project, please contact support@pyup.io.\n\n\n", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/pyupio/safety-db/", "keywords": "security", "license": "Attribution-NonCommercial-ShareAlike 4.0 International", "maintainer": "", "maintainer_email": "", "name": "safety-db", "package_url": "https://pypi.org/project/safety-db/", "platform": "", "project_url": "https://pypi.org/project/safety-db/", "project_urls": { "Homepage": "https://github.com/pyupio/safety-db/" }, "release_url": "https://pypi.org/project/safety-db/2018.7.24/", "requires_dist": null, "requires_python": "", "summary": "A curated database of insecure Python packages", "version": "2018.7.24" }, "last_serial": 4764107, "releases": { "2017.4.19": [ { "comment_text": "", "digests": { "md5": "de25dd070d70c17aaaae9b551ed8af23", "sha256": "8052634809ed3a02eb95b7f6c0fc7c485424a50a2c35f03d727b0b0fe530132e" }, "downloads": -1, "filename": "safety_db-2017.4.19-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "de25dd070d70c17aaaae9b551ed8af23", "packagetype": "bdist_wheel", "python_version": "2.7", "requires_python": null, "size": 11128, "upload_time": "2017-04-19T10:32:48", "url": "https://files.pythonhosted.org/packages/99/f4/2ceadae6059942cbae3d66a789f70dbf871cc9230eacc79ab00d4902bb88/safety_db-2017.4.19-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "6a64c581db95aa41ce1bbd45f1fd4c57", "sha256": "945ce7eb9c60d6c0c481c4b211b2f067fc9df7eb6b8c83bc693ab80f29fe8401" }, "downloads": -1, "filename": "safety-db-2017.4.19.tar.gz", "has_sig": false, "md5_digest": "6a64c581db95aa41ce1bbd45f1fd4c57", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 92979, "upload_time": "2017-04-19T10:32:46", "url": "https://files.pythonhosted.org/packages/2f/7f/f9128342280436168b3085e1a6129326abb23fe950d20f4d8c0ca53aef4d/safety-db-2017.4.19.tar.gz" } ], "2018.7.24": [ { "comment_text": "", "digests": { "md5": "9646c4f01fd777e1fbadb97b8532ab60", "sha256": "ac5cef5b72ba9c8eecb4f2ab4951f09af3fa0c94fc725c0fe4b7d1299d1baa66" }, "downloads": -1, "filename": "safety_db-2018.7.24-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "9646c4f01fd777e1fbadb97b8532ab60", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 9190, "upload_time": "2018-07-24T15:14:51", "url": "https://files.pythonhosted.org/packages/d8/af/5e95ab5b5618faca1072cf4b5554ab8019e4c09688c7db3ec611c547d33f/safety_db-2018.7.24-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "e919b84eea02cdbbd7de06853f79f922", "sha256": "95176be6c26706eb03fb48b44ee448df19d3175b1719d6bf6793845a6f136e1c" }, "downloads": -1, "filename": "safety-db-2018.7.24.tar.gz", "has_sig": false, "md5_digest": "e919b84eea02cdbbd7de06853f79f922", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 118118, "upload_time": "2018-07-24T15:14:52", "url": "https://files.pythonhosted.org/packages/f4/f1/9f36ed394cfa808b74a60d7d3e64e4c2b2e6e407ad9daafb405983303f16/safety-db-2018.7.24.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "9646c4f01fd777e1fbadb97b8532ab60", "sha256": "ac5cef5b72ba9c8eecb4f2ab4951f09af3fa0c94fc725c0fe4b7d1299d1baa66" }, "downloads": -1, "filename": "safety_db-2018.7.24-py2.py3-none-any.whl", "has_sig": false, "md5_digest": "9646c4f01fd777e1fbadb97b8532ab60", "packagetype": "bdist_wheel", "python_version": "py2.py3", "requires_python": null, "size": 9190, "upload_time": "2018-07-24T15:14:51", "url": "https://files.pythonhosted.org/packages/d8/af/5e95ab5b5618faca1072cf4b5554ab8019e4c09688c7db3ec611c547d33f/safety_db-2018.7.24-py2.py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "e919b84eea02cdbbd7de06853f79f922", "sha256": "95176be6c26706eb03fb48b44ee448df19d3175b1719d6bf6793845a6f136e1c" }, "downloads": -1, "filename": "safety-db-2018.7.24.tar.gz", "has_sig": false, "md5_digest": "e919b84eea02cdbbd7de06853f79f922", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 118118, "upload_time": "2018-07-24T15:14:52", "url": "https://files.pythonhosted.org/packages/f4/f1/9f36ed394cfa808b74a60d7d3e64e4c2b2e6e407ad9daafb405983303f16/safety-db-2018.7.24.tar.gz" } ] }