$ shouldi install insecure-package bandit
bandit is okay to install
Do not install insecure-package! {'safety_check_number_of_issues': 1}
shouldi
depends on safety, pylint, and bandit being installed separately.
$ python3 -m pip install -U safety pylint bandit
shouldi
is a tool that runs static analysis tools to let you know if there are
any issues in any of the python packages you were thinking of installing.
shouldi
is similar to things like Go Report Card.
Right now shouldi
runs the following static analysis tools and complains if:
shouldi is distributed under the MIT License.
The real name of this package is "DFFML Evaluator for PyPi Packages". shouldi
is mearly the command line invokation, and we claim shouldi
, the package name
on PyPi, to avoid a supply chain attack.