PyCharm Python Security plugin
A plugin to run security checks for common flaws in Python code and suggest quick fixes.
- Available as a PyCharm plugin on the JetBrains plugin marketplace.
- Available as a GitHub Action for your CI/CD workflow on the GitHub Marketplace.
- Available as a standalone container image on Docker Hub.
Demo
Check out the webinar for a full demo of the functionality in this plugin:
Documentation
Documentation is available on pycharm-security.readthedocs.io, including examples and explanations for all the checks.
GitHub Action Documentation
Documentation for the GitHub action is on the documentation site.
Snyk Support
The plugin supports snyk.io as a vulnerability database. Snyk offers an up-to-date and in-depth database of Python package issues. Your installed packages will be checked against a live database of PyPI package issues (subscription required).
Bundled SafetyDB
This plugin will check the installed packages in your Python projects against the SafetyDB and raise a warning for any vulnerabilities.
PyPI vulnerability API
This plugin will check the installed packages in your Python projects against the OSV database, queried through the PyPI vulnerability API, and raise a warning for any vulnerabilities.
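As an added illustration (not the plugin's own code) of what the SafetyDB and PyPI checks above do, the script below matches a set of installed package versions against advisory version ranges in the layout SafetyDB uses (assumed: package name mapped to a list of advisories, each carrying a "specs" list of PEP 440 ranges). The advisory database and the installed package set are constructed samples, and version comparison is simplified to numeric release segments.

```python
import operator
import re

# Constructed sample in the layout SafetyDB uses (assumed: package name -> list of
# advisories, each with a "specs" list of PEP 440 version ranges). Not real advisories.
SAMPLE_SAFETYDB = {
    "django": [{"id": "pyup.io-00001", "specs": ["<1.11.29", ">=2.0,<2.2.12"]}],
    "requests": [{"id": "pyup.io-00002", "specs": ["<2.20.0"]}],
}
# Constructed set of installed packages, as `pip freeze` would report them.
SAMPLE_INSTALLED = {"Django": "2.2.4", "requests": "2.25.1", "flask": "1.1.2"}

_OPS = {"<": operator.lt, "<=": operator.le, ">": operator.gt,
        ">=": operator.ge, "==": operator.eq, "!=": operator.ne}


def version_key(version):
    """Simplified PEP 440 key: numeric release segments only, trailing zeros dropped
    so that 2.2 == 2.2.0. Pre-release tags, epochs and local versions are ignored."""
    parts = []
    for segment in version.split("."):
        m = re.match(r"\d+", segment)
        if not m:
            break
        parts.append(int(m.group()))
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)


def matches_spec(version, spec):
    """True if `version` satisfies every comma-separated clause, e.g. ">=2.0,<2.2.12"."""
    for clause in spec.split(","):
        m = re.fullmatch(r"\s*(<=|>=|==|!=|<|>)\s*([\w.]+)\s*", clause)
        if not m:
            raise ValueError(f"unsupported specifier clause: {clause!r}")
        op, bound = m.groups()
        if not _OPS[op](version_key(version), version_key(bound)):
            return False
    return True


def find_vulnerable(installed, db):
    """Map each installed package whose version falls in an advisory range to the advisory ids."""
    hits = {}
    for name, version in installed.items():
        for advisory in db.get(name.lower().replace("_", "-"), []):
            if any(matches_spec(version, spec) for spec in advisory["specs"]):
                hits.setdefault(name, []).append(advisory["id"])
    return hits
```

A production checker should use `packaging.specifiers.SpecifierSet` for full PEP 440 semantics (pre-releases, epochs, wildcards) instead of the simplified comparison shown here.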
Current checks
See Supported Checks for a current list.
Current quick fixes
See Fixes for a current list.
Release History
See Release History for the release history.
Contributing
If you would like to alter or add new checks and fixes, see the Development page.
License
This project is MIT Licensed.
Credits
Credit to the PyUp.io team for the SafetyDB. This project uses SafetyDB to scan packages; SafetyDB is licensed under the "Attribution-NonCommercial 4.0 International" license.