
DependencyAuditor (pip-audit)

Type-safe wrapper for pip-audit, a tool that checks installed dependencies for known vulnerabilities.

This complements Bandit:

  • Bandit scans your code for insecure patterns.
  • pip-audit scans your dependencies for known CVEs/advisories.

Subclassing Example

# myapp/dev/management/dependency_auditor.py
from pyrig.dev.management.dependency_auditor import DependencyAuditor as BaseDA
from pyrig.src.processes import Args


class DependencyAuditor(BaseDA):
    @classmethod
    def get_audit_args(cls, *args: str) -> Args:
        # Example: enforce a stable machine-readable output format
        return super().get_audit_args("--format", "json", *args)
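Once the subclass forces `--format json`, the report can be consumed by a small checker that lists findings with their fix versions and decides whether a CI run should fail. This is an added example, not pyrig's or pip-audit's own code; the report layout (`dependencies` entries carrying `vulns` with `id`, `aliases`, `fix_versions`) and the sample contents are assumptions, and a constructed report stands in for real pip-audit output.

```python
import json

# Constructed sample report in the assumed pip-audit JSON layout.
# Package names, versions and advisory ids are placeholders, not real advisories.
SAMPLE_REPORT = json.dumps({
    "dependencies": [
        {"name": "examplelib", "version": "1.0.0", "vulns": [
            {"id": "PYSEC-0000-EXAMPLE", "fix_versions": ["1.0.1"],
             "aliases": ["CVE-0000-00000"], "description": "constructed"}
        ]},
        {"name": "otherlib", "version": "2.3.0", "vulns": []},
        {"name": "unfixable", "version": "0.1", "vulns": [
            {"id": "PYSEC-0000-NOFIX", "fix_versions": [], "aliases": [],
             "description": "constructed, no fix released"}
        ]},
    ]
})


def findings(report_json: str) -> list[dict]:
    """Flatten the report into one record per (package, advisory) pair."""
    data = json.loads(report_json)
    out = []
    for dep in data.get("dependencies", []):
        for vuln in dep.get("vulns", []):
            out.append({
                "package": dep["name"],
                "installed": dep["version"],
                "id": vuln["id"],
                "aliases": list(vuln.get("aliases", [])),
                "fix_versions": list(vuln.get("fix_versions", [])),
            })
    return out


def should_fail(report_json: str, ignore: frozenset[str] = frozenset()) -> bool:
    """Gate CI: fail on any advisory whose id or alias is not explicitly ignored."""
    for f in findings(report_json):
        if not ({f["id"], *f["aliases"]} & ignore):
            return True
    return False


def summary(report_json: str) -> list[str]:
    """One line per finding, flagging advisories with no published fix version."""
    lines = []
    for f in findings(report_json):
        fix = ", ".join(f["fix_versions"]) or "no fix available"
        lines.append(f"{f['package']} {f['installed']}: {f['id']} (fix: {fix})")
    return lines


if __name__ == "__main__":
    print("\n".join(summary(SAMPLE_REPORT)))
    raise SystemExit(1 if should_fail(SAMPLE_REPORT) else 0)
```

Ignored ids should be reviewed periodically, since an advisory with no fix version today may receive one later.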