Free · Open Source · Python

Secure Your Software Supply Chain

Open-source Python platform for dependency security

Features

Behavioral Analysis

Monitor and analyze the behavior of your dependencies to detect anomalies and potential security threats.

from provchain import analyze

results = analyze.dependencies("requirements.txt")
for issue in results.issues:
    print(f"Found: {issue.type} - {issue.package}")

Provenance Verification

Verify the origin and integrity of packages using cryptographic signatures and build attestations.

from provchain import verify

verification = verify.provenance("package-name==1.0.0")
if verification.valid:
    print("Package verified successfully")

Continuous Monitoring

Set up continuous monitoring to receive alerts when new vulnerabilities or issues are detected.

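from provchain import monitor

# Placeholder: handle_alert is not defined on the page; assumes one alert argument.
def handle_alert(alert):
    print(f"Alert: {alert}")

monitor.watch("requirements.txt",
              callback=handle_alert,
              check_interval=3600)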

Dependency Analysis

Deep analysis of your dependency tree to identify risks, conflicts, and optimization opportunities.

from provchain import analyze

tree = analyze.tree("requirements.txt")
risks = tree.identify_risks()
print(f"Found {len(risks)} potential risks")

Installation

Get Started in Minutes

Check out our quick start guide to get up and running with ProvChain.

Join the Community

ProvChain is open source and community-driven. Contribute, report issues, or join discussions.