v1.0 | Python 3.12+ | 99% Coverage

Scanipy Documentation

A powerful CLI tool to scan open-source codebases on GitHub for security patterns and vulnerabilities. Search repositories, run Semgrep and CodeQL analysis, and discover security issues at scale.

Quick Start

terminal
# Clone and setup
$ git clone https://github.com/papadoxie/scanipy.git && cd scanipy
$ python -m venv .venv && source .venv/bin/activate
$ pip install -r requirements.txt
# Set your GitHub token
$ export GITHUB_TOKEN="your_token_here"
# Search for vulnerable patterns
$ python scanipy.py --query "extractall" --language python --run-semgrep

Key Features

Smart Code Search

Search GitHub for code patterns across millions of repositories with tiered star-based ranking.

Semgrep Integration

Automatically clone and scan top repositories with Semgrep for security vulnerabilities.

CodeQL Analysis

Run deep semantic security scanning powered by GitHub's CodeQL engine.

Containerized Execution

Run parallel scans using Kubernetes Jobs with EKS-ready deployments.

Database Support

SQLite for local dev, PostgreSQL for production. Full schema migration support.

Resume Capability

Resume interrupted analysis from where it left off. Never lose progress.
