Metadata-Version: 2.1
Name: simplesecurity
Version: 2021.2.2
Summary: Combine multiple popular python security tools and generate reports or output into different formats
Home-page: https://github.com/FHPythonUtils/SimpleSecurity
Author: FredHappyface
Requires-Python: >=3.7,<4.0
Classifier: Development Status :: 5 - Production/Stable
Classifier: Environment :: Console
Classifier: Environment :: MacOS X
Classifier: Environment :: Win32 (MS Windows)
Classifier: Intended Audience :: Developers
Classifier: Intended Audience :: Education
Classifier: License :: OSI Approved :: MIT License
Classifier: Natural Language :: English
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: Utilities
Provides-Extra: full
Requires-Dist: bandit (>=1.6.2,<3); extra == "full"
Requires-Dist: dlint (>=0.10.3,<2); extra == "full"
Requires-Dist: dodgy (>=0.2.1,<2); extra == "full"
Requires-Dist: poetry (>=1.1.2,<3); extra == "full"
Requires-Dist: pygraudit (>=27.1.1,<29); extra == "full"
Requires-Dist: safety (>=1.9.0,<3); extra == "full"
Requires-Dist: semgrep (>=0.27.0,<2); extra == "full"
Project-URL: Documentation, https://github.com/FHPythonUtils/SimpleSecurity/blob/master/README.md
Project-URL: Repository, https://github.com/FHPythonUtils/SimpleSecurity
Description-Content-Type: text/markdown

[![GitHub top language](https://img.shields.io/github/languages/top/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](../../)
[![Repository size](https://img.shields.io/github/repo-size/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](../../)
[![Issues](https://img.shields.io/github/issues/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](../../issues)
[![License](https://img.shields.io/github/license/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](/LICENSE.md)
[![Commit activity](https://img.shields.io/github/commit-activity/m/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](../../commits/master)
[![Last commit](https://img.shields.io/github/last-commit/FHPythonUtils/SimpleSecurity.svg?style=for-the-badge)](../../commits/master)
[![PyPI Downloads](https://img.shields.io/pypi/dm/simplesecurity.svg?style=for-the-badge)](https://pypistats.org/packages/simplesecurity)
[![PyPI Total Downloads](https://img.shields.io/badge/dynamic/json?style=for-the-badge&label=total%20downloads&query=%24.total_downloads&url=https%3A%2F%2Fapi.pepy.tech%2Fapi%2Fprojects%2Fsimplesecurity)](https://pepy.tech/project/simplesecurity)
[![PyPI Version](https://img.shields.io/pypi/v/simplesecurity.svg?style=for-the-badge)](https://pypi.org/project/simplesecurity)

<!-- omit in toc -->
# SimpleSecurity

<img src="readme-assets/icons/name.png" alt="Project Icon" width="750">


Combine multiple popular python security tools and generate reports or output
into different formats

Plugins (these require the plugin executable in the system path. e.g. bandit
requires bandit to be in the system path...)

- bandit
- safety
- dodgy
- dlint
- pygraudit
- semgrep

Formats

- ansi (for terminal)
- json
- markdown
- csv
- sarif

## Example Use

See below for the output if you run `simplesecurity` in this directory

<img src="readme-assets/screenshots/sec.svg" width="500px">

### Help

```txt
usage: __main__.py [-h] [--format FORMAT] [--plugin PLUGIN] [--file FILE] [--level LEVEL] [--confidence CONFIDENCE]
                   [--no-colour] [--high-contrast] [--fast]

Combine multiple popular python security tools and generate reports or output
into different formats

optional arguments:
  -h, --help            show this help message and exit
  --format FORMAT, -f FORMAT
                        Output format. One of ansi, json, markdown, csv. default=ansi
  --plugin PLUGIN, -p PLUGIN
                        Plugin to use. One of bandit, safety, dodgy, dlint, pygraudit, semgrep, all, default=all
  --file FILE, -o FILE  Filename to write to (omit for stdout)
  --level LEVEL, -l LEVEL
                        Minimum level/ severity to show
  --confidence CONFIDENCE, -c CONFIDENCE
                        Minimum confidence to show
  --no-colour, -z       No ANSI colours
  --high-contrast, -Z   High contrast colours
  --fast, --skip        Skip long running jobs. Will omit plugins with long run time (applies to -p all only)
```

You can also import this into your own project and use any of the functions
in the DOCS

<!-- omit in toc -->
## Table of Contents
- [Example Use](#example-use)
	- [Help](#help)
- [Developer Notes](#developer-notes)
	- [Generate semgrep_sec.yaml](#generate-semgrep_secyaml)
- [Documentation](#documentation)
- [Install With PIP](#install-with-pip)
- [Language information](#language-information)
	- [Built for](#built-for)
- [Install Python on Windows](#install-python-on-windows)
	- [Chocolatey](#chocolatey)
	- [Download](#download)
- [Install Python on Linux](#install-python-on-linux)
	- [Apt](#apt)
- [How to run](#how-to-run)
	- [With VSCode](#with-vscode)
	- [From the Terminal](#from-the-terminal)
- [Download Project](#download-project)
	- [Clone](#clone)
		- [Using The Command Line](#using-the-command-line)
		- [Using GitHub Desktop](#using-github-desktop)
	- [Download Zip File](#download-zip-file)
- [Community Files](#community-files)
	- [Licence](#licence)
	- [Changelog](#changelog)
	- [Code of Conduct](#code-of-conduct)
	- [Contributing](#contributing)
	- [Security](#security)
	- [Support](#support)
	- [Rationale](#rationale)


## Developer Notes

### Generate semgrep_sec.yaml

1. Clone https://github.com/returntocorp/semgrep-rules
2. cd to project/python
3. do
   ```bash
   $ cat **/security/**/*.yaml >> semgrep_sec.yaml
   $ cat **/security/*.yaml >> semgrep_sec.yaml
   ```
4. Find and replace `rules:` with `` apart from the first instance
5. Reformat with `ctrl+shift+i`
6. replace simplesecurity/semgrep_sec.yaml with the new one


## Documentation
See the [Docs](/DOCS/) for more information.

## Install With PIP

**"Slim" Build:** Install bandit, dlint, dodgy, poetry, and safety with pipx

```python
pip install simplesecurity
```

**Otherwise:**
```python
pip install simplesecurity[full]
```

Head to https://pypi.org/project/SimpleSecurity/ for more info

## Language information
### Built for
This program has been written for Python 3 and has been tested with
Python version 3.9.0 <https://www.python.org/downloads/release/python-380/>.

## Install Python on Windows
### Chocolatey
```powershell
choco install python
```
### Download
To install Python, go to <https://www.python.org/> and download the latest
version.

## Install Python on Linux
### Apt
```bash
sudo apt install python3.9
```

## How to run
### With VSCode
1. Open the .py file in vscode
2. Ensure a python 3.9 interpreter is selected (Ctrl+Shift+P > Python:Select
Interpreter > Python 3.9)
3. Run by pressing Ctrl+F5 (if you are prompted to install any modules, accept)
### From the Terminal
```bash
./[file].py
```

## Download Project
### Clone
#### Using The Command Line
1. Press the Clone or download button in the top right
2. Copy the URL (link)
3. Open the command line and change directory to where you wish to
clone to
4. Type 'git clone' followed by URL in step 2
```bash
$ git clone https://github.com/FHPythonUtils/SimpleSecurity
```

More information can be found at
<https://help.github.com/en/articles/cloning-a-repository>

#### Using GitHub Desktop
1. Press the Clone or download button in the top right
2. Click open in desktop
3. Choose the path for where you want and click Clone

More information can be found at
<https://help.github.com/en/desktop/contributing-to-projects/cloning-a-repository-from-github-to-github-desktop>

### Download Zip File

1. Download this GitHub repository
2. Extract the zip archive
3. Copy/ move to the desired location

## Community Files
### Licence
MIT License
Copyright (c) FredHappyface
(See the [LICENSE](/LICENSE.md) for more information.)

### Changelog
See the [Changelog](/CHANGELOG.md) for more information.

### Code of Conduct
Online communities include people from many backgrounds. The *Project*
contributors are committed to providing a friendly, safe and welcoming
environment for all. Please see the
[Code of Conduct](https://github.com/FHPythonUtils/.github/blob/master/CODE_OF_CONDUCT.md)
 for more information.

### Contributing
Contributions are welcome, please see the
[Contributing Guidelines](https://github.com/FHPythonUtils/.github/blob/master/CONTRIBUTING.md)
for more information.

### Security
Thank you for improving the security of the project, please see the
[Security Policy](https://github.com/FHPythonUtils/.github/blob/master/SECURITY.md)
for more information.

### Support
Thank you for using this project, I hope it is of use to you. Please be aware that
those involved with the project often do so for fun along with other commitments
(such as work, family, etc). Please see the
[Support Policy](https://github.com/FHPythonUtils/.github/blob/master/SUPPORT.md)
for more information.

### Rationale
The rationale acts as a guide to various processes regarding projects such as
the versioning scheme and the programming styles used. Please see the
[Rationale](https://github.com/FHPythonUtils/.github/blob/master/RATIONALE.md)
for more information.

