Metadata-Version: 2.4
Name: ossv-scanner
Version: 0.1.0
Summary: A tool for scanning OSS projects for dependencies and vulnerabilities
Home-page: https://github.com/maxg67/OSS.git
Author: Your Name
Author-email: your.email@example.com
Classifier: Programming Language :: Python :: 3
Classifier: License :: OSI Approved :: MIT License
Classifier: Operating System :: OS Independent
Requires-Python: >=3.8
Description-Content-Type: text/markdown
Requires-Dist: requests>=2.28.0
Requires-Dist: cyclonedx-bom>=3.0.0
Requires-Dist: matplotlib>=3.6.0
Requires-Dist: seaborn>=0.12.0
Requires-Dist: plotly>=5.10.0
Requires-Dist: pandas>=1.5.0
Requires-Dist: aiohttp>=3.8.0
Requires-Dist: asyncio>=3.4.3
Requires-Dist: diskcache>=5.4.0
Requires-Dist: jinja2>=3.1.0
Requires-Dist: tqdm>=4.64.0
Requires-Dist: lxml>=4.9.0
Requires-Dist: beautifulsoup4>=4.11.0
Requires-Dist: packaging>=21.3
Requires-Dist: python-dateutil>=2.8.2
Requires-Dist: colorama>=0.4.5
Requires-Dist: click>=8.1.0
Requires-Dist: rich>=12.5.0
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: description-content-type
Dynamic: home-page
Dynamic: requires-dist
Dynamic: requires-python
Dynamic: summary

# OSS Vulnerability Scanner

A comprehensive tool for scanning Open Source Software projects for dependencies, generating a Software Bill of Materials (SBOM), and checking for known vulnerabilities.

## Features

- **Dependency Parsing**: Scans OSS projects and extracts dependencies from configuration files
- **SBOM Generation**: Creates a Software Bill of Materials (SBOM) in CycloneDX format
- **Vulnerability Checking**: Queries the National Vulnerability Database (NVD) for known vulnerabilities
- **Caching**: Implements caching to avoid repeated queries and improve performance
- **Visualization**: Provides visual representation of vulnerability data
- **Detailed Reporting**: Generates comprehensive vulnerability reports

## Supported Package Managers

- Python (`requirements.txt`, `setup.py`)
- JavaScript (`package.json`)
- Java (`pom.xml`)
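
The dependency-parsing and SBOM steps listed above, sketched for `requirements.txt` as an added example (this is not ossv-scanner's own code; the function names and sample input are assumptions made for illustration). It keeps exact `==` pins apart from ranges and bare names, because only an exact version gives a package URL that a vulnerability lookup can match.

```python
import json
import re
from urllib.parse import quote

# Constructed sample input for this example (not from the project).
SAMPLE = """\
requests[security]==2.28.0
Jinja2>=3.1.0
typing_extensions==4.7.1  # exact pin
-r extra.txt
lxml
"""

_REQ = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(.*)$")
_EXACT = re.compile(r"==\s*([A-Za-z0-9.!+_-]+)")


def parse_requirements(text):
    """Return (pinned, unpinned): [(name, version)] and [name]."""
    pinned, unpinned = [], []
    for raw in text.splitlines():
        # Drop trailing comments and environment markers.
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        m = _REQ.match(line)
        # Skip blanks, pip options (-r, -e, ...) and direct URL requirements.
        if not m or "://" in line:
            continue
        # PEP 503 normalisation, which is also what a pypi purl expects.
        name = re.sub(r"[-_.]+", "-", m.group(1)).lower()
        exact = _EXACT.fullmatch(m.group(2).strip())
        if exact:
            pinned.append((name, exact.group(1)))
        else:
            unpinned.append(name)  # range or no version: nothing exact to look up
    return pinned, unpinned


def to_cyclonedx(pinned):
    """Build a minimal CycloneDX 1.4 JSON document from exact pins."""
    components = [{"type": "library", "name": n, "version": v,
                   "purl": f"pkg:pypi/{n}@{quote(v, safe='')}"}
                  for n, v in pinned]
    return {"bomFormat": "CycloneDX", "specVersion": "1.4", "version": 1,
            "components": components}


if __name__ == "__main__":
    pins, loose = parse_requirements(SAMPLE)
    print(json.dumps(to_cyclonedx(pins), indent=2))
    print("no exact version:", loose)
```

Entries that land in the second list are worth reporting rather than dropping: the version actually installed is decided at install time, so an SBOM built from the file alone cannot state it.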

## Installation

```bash
# Clone the repository
git clone https://github.com/yourusername/ossv-scanner.git
cd ossv-scanner

# Install the package
pip install -e .
```

## Usage

### Command-Line Interface

```bash
# Scan a project
ossv-scan /path/to/project

# Generate SBOM only
ossv-scan --sbom-only /path/to/project

# Output formats
ossv-scan --output-format html /path/to/project
ossv-scan --output-format json /path/to/project

# Specify cache location
ossv-scan --cache-dir /path/to/cache /path/to/project
```

### Python API

```python
from ossv_scanner import Scanner

# Create a scanner instance
scanner = Scanner()

# Scan a project
results = scanner.scan('/path/to/project')

# Generate report
scanner.generate_report(results, output_format='html', output_path='report.html')
```

## Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

## License

This project is licensed under the MIT License - see the LICENSE file for details.
