Metadata-Version: 2.1
Name: pychk
Version: 1.0.1
Summary: A command line tool for developers to check if their project dependencies have known vulnerabilities.
Home-page: https://github.com/ayushpriya10/pychk
Author: Ayush Priya
Author-email: ayushpriya10@gmail.com
License: UNKNOWN
Keywords: pip requirements security SAST sast vulnerability dependencies dependency vulnerable
Platform: UNKNOWN
Classifier: Development Status :: 4 - Beta
Classifier: License :: OSI Approved :: MIT License 
Classifier: Programming Language :: Python :: 3.6
Requires-Python: >=3.6
Description-Content-Type: text/markdown
Requires-Dist: argparse
Requires-Dist: packaging
Requires-Dist: requests

# Pychk

Pychk is a tool to help developers identify vulnerable dependencies being used in their project. It reads the project's dependencies from the specified file (which is usually `requirements.txt`) and checks the entries in it against entries in a database of packages with known vulnerabilities associated with them.

## Installation

Pychk can be easily installed with PIP with the following command:

```bash
pip3 install pychk
```

## Usage

Pychk reads the project dependencies from the file specified by the user (by default, Pychk will look for 'requirements.txt' in the current directory). It can also, optionally, write the output to a specified file in JSON format.

* Running Pychk with defaults:

```bash
pychk
```

* Running Pychk against a specific file:

```bash
pychk [-p/--path <path to file>]
```

* Writing the output to a file:

```bash
pychk [-o/--out-file <file>]
```

* Displaying help:

```bash
pychk -h/--help
```


