PySentry
Help to test and improve · Participate in pysentry usage survey
Please, send feedback to nikita@pysentry.com
A fast, reliable security vulnerability scanner for Python projects, written in Rust.
PySentry audits Python projects for known security vulnerabilities by analyzing dependency files and cross-referencing them against multiple vulnerability databases.
Documentation · Benchmarks · Buy Me a Coffee
Features
- Multiple formats —
uv.lock,poetry.lock,Pipfile.lock,pylock.toml,pyproject.toml,Pipfile,requirements.txt - Multiple sources — PyPA Advisory Database, PyPI JSON API, OSV.dev (all enabled by default)
- PEP 792 support — Detects archived, deprecated, and quarantined packages
- Flexible output — Human-readable, JSON, SARIF, Markdown
- Fast — Written in Rust with async processing and caching
Installation
# Using uvx (recommended)
# Using pip
# Using cargo
# Pre-built binaries available at GitHub Releases
See Installation Guide for all options.
Quick Start
# Scan current directory
# Scan specific project
# Filter by severity
# Output to JSON
# Fail on critical vulnerabilities only
# Block quarantined packages (malware protection)
See Quickstart Guide for more examples.
Pre-commit
repos:
- repo: https://github.com/pysentry/pysentry-pre-commit
rev: v0.4.3
hooks:
- id: pysentry
# Use compact mode for minimal pre-commit output
# args: ['--compact']
Configuration
PySentry supports TOML configuration via .pysentry.toml or pyproject.toml:
# .pysentry.toml
= 1
[]
= "medium"
= "high"
[]
= ["pypa", "osv"]
[]
= ["CVE-2023-12345"]
See Configuration Guide for all options.
Documentation
Full documentation is available at docs.pysentry.com:
Requirements
- For
requirements.txtscanning: Installuv(recommended) orpip-toolsfor dependency resolution - Python: 3.9–3.14 (for pip/uvx installation)
- Rust: 1.79+ (for cargo installation or building from source)