Posts Tagged: devsecops
- Auditing Flask 3.0 Dependencies for OWASP Top 10 Vulnerabilities
  Audit Flask 3.0 dependencies for OWASP Top 10 A06 vulnerabilities using pip-audit, poetry audit, and safety CLI. Covers detection, fixes, and CI/CD integration for Werkzeug, Jinja2, and other deps.
- Detecting Malicious PyPI Packages: Typosquatting Attacks on requests, urllib3, and pillow
  Detect typosquatting PyPI packages mimicking requests, urllib3, and pillow: low downloads, suspicious uploaders, few versions. Python supply chain security script queries the PyPI API/stats and flags risks. Prevent supply-chain attacks – actionable audit steps, CI integration.
- How to Fix Vulnerable Dependency Errors in requirements.txt for PCI DSS Compliance
  PCI DSS compliance for Python: Fix vulnerable dependencies in requirements.txt. Step-by-step guide using pip-audit, safety CLI, pip-tools/uv locking. Quarterly scans, exact pinning, hashes for Req 6.2.3 audits. Pass vulnerability scans – requirements.txt security best practices 2026.
- Poetry audit vs pip-audit vs safety: PyPI Vulnerability Coverage Comparison
  We compare poetry audit, pip-audit, and safety CLI across vulnerability detection coverage, speed, data sources, output formats, and CI integration. Benchmarks on Flask, Django, and FastAPI projects reveal trade-offs for different workflows.
- Running pip-audit in CI/CD: Failing Builds on Critical and High Severity Vulnerabilities
  Integrate pip-audit into GitHub Actions, GitLab CI, and Jenkins: fail builds on critical and high severity vulnerabilities only. Scripts for JSON severity filtering, ignore rules. Secure Python dependencies in CI/CD pipelines.
- Securing Your Python Supply Chain: Scanning poetry.lock for Compromised Maintainers
  A script to check poetry.lock files for packages maintained by known compromised PyPI accounts. Queries the PyPI API and cross-references a curated list; suitable for CI/CD integration.
- Security & Vulnerabilities (CVEs, pip-audit, safety): Python Dependency Auditing Guide
  Secure your Python projects: Detect CVEs in dependencies using pip-audit and safety CLI. Installation, usage examples, benchmarks, CI integration for requirements.txt, Poetry, uv. Fix vulnerabilities fast – pip-audit tutorial, safety check best practices 2026.