ββββββ ββββ βββ βββββββ βββββββββββ ββββββ
βββββββββββββ βββββββββββ βββββββββββ ββββββββ
ββββββββββββββ ββββββ ββββββββββ βββ ββββββββ
βββββββββββββββββββββ βββββββββ βββ ββββββββ
βββ ββββββ ββββββββββββββββββββββββββββββββββ βββ
βββ ββββββ βββββ βββββββ βββββββββββββββββββ βββ
Fast Python dependency updater and vulnerability scanner written in Go.
This is a quick overview β security theory, architecture, and full walkthroughs are in the learn modules.
- Scans pyproject.toml and requirements.txt for known CVEs via OSV.dev
- Updates all Python dependencies to latest stable versions in one command
- Parallel queries against PyPI with local ETag caching for speed
- Full PEP 440 version parsing with automatic pre-release filtering
- Comment-preserving file updates that keep your formatting intact
- Configurable via .angela.toml or [tool.angela] in pyproject.toml
go install github.com/CarterPerez-dev/angela/cmd/angela@latest
angela scanTip
This project uses just as a command runner. Type just to see all available commands.
Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin
| Command | Description |
|---|---|
angela init |
Initialize a new .angela.toml configuration file |
angela update |
Update all Python dependencies to latest stable versions |
angela check |
Preview available updates without modifying files |
angela scan |
Scan dependencies for known CVEs via OSV.dev |
angela cache clear |
Clear the local ETag and version cache |
This project includes step-by-step learning materials covering security theory, architecture, and implementation.
| Module | Topic |
|---|---|
| 00 - Overview | Prerequisites and quick start |
| 01 - Concepts | Security theory and real-world breaches |
| 02 - Architecture | System design and data flow |
| 03 - Implementation | Code walkthrough |
| 04 - Challenges | Extension ideas and exercises |
AGPL 3.0