Install Python packages with confidence
depshieldx adds a security gate in front of your package installation. Resolve dependencies, verify provenance, scan for vulnerabilities, and get signed receipts—all before installing to your system.
What Makes depshieldx Different
A comprehensive security solution built into your package workflow
Deep Dependency Analysis
Resolves and checks your entire dependency tree, not just the package you're installing.
- Full resolved package versions
- PyPI provenance metadata
- Attestation verification
Multi-Source Vulnerability Scanning
Queries multiple authoritative sources for security advisories and vulnerabilities.
- OSV Database
- GitHub Advisories
- CISA KEV Catalog
- deps.dev
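A worked version of the multi-source check described above, added here as an example and not depshieldx's own code: it builds the real OSV `/v1/query` request body for every resolved pin (not just the package named on the command line) and cross-references each hit's aliases against a CISA KEV set. The OSV response, the KEV entry and the advisory IDs are constructed placeholders so the block runs offline, and the block/warn/allow policy is an assumption.

```python
import json
import re
import urllib.request

OSV_QUERY_URL = "https://api.osv.dev/v1/query"  # real OSV endpoint, one package per request

def normalize_name(name: str) -> str:
    """PEP 503 normalization so 'Requests' and 'requests' query the same OSV package."""
    return re.sub(r"[-_.]+", "-", name).lower()

def build_osv_query(name: str, version: str) -> dict:
    """Request body for OSV /v1/query, pinned to the exact resolved version."""
    return {"package": {"name": normalize_name(name), "ecosystem": "PyPI"}, "version": version}

def fetch_osv(name: str, version: str) -> dict:
    """Live lookup against OSV; the offline demo below uses constructed data instead."""
    body = json.dumps(build_osv_query(name, version)).encode()
    req = urllib.request.Request(OSV_QUERY_URL, data=body, headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)

def evaluate(resolved: dict, osv_responses: dict, kev_cves: set) -> list:
    """Walk every resolved pin, collect OSV hits, and mark any ID or alias found in CISA KEV."""
    findings = []
    for name, version in resolved.items():
        for vuln in osv_responses.get(normalize_name(name), {}).get("vulns", []):
            ids = {vuln["id"], *vuln.get("aliases", [])}
            findings.append({"package": normalize_name(name), "version": version,
                             "id": vuln["id"], "kev": bool(ids & kev_cves)})
    return findings

def decide(findings: list) -> str:
    """Assumed gate policy: a KEV-listed finding blocks, any other advisory warns, none allows."""
    if any(f["kev"] for f in findings):
        return "block"
    return "warn" if findings else "allow"

# Constructed sample data: a resolved tree where only a transitive pin is affected.
SAMPLE_RESOLVED = {"Requests": "2.31.0", "urllib3": "1.26.0"}
SAMPLE_OSV = {  # shape of /v1/query results; IDs are placeholders, not real advisories
    "requests": {},
    "urllib3": {"vulns": [{"id": "GHSA-PLACEHOLDER-0001", "aliases": ["CVE-0000-00001"]}]},
}
SAMPLE_KEV = {"CVE-0000-00001"}  # cveID values from the KEV catalog's "vulnerabilities" list

if __name__ == "__main__":
    hits = evaluate(SAMPLE_RESOLVED, SAMPLE_OSV, SAMPLE_KEV)
    print(json.dumps(hits, indent=2), decide(hits))
```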
Docker Sandbox Testing
Run installations in an isolated Docker environment before touching your system.
- Safe installation testing
- Trivy deep scanning
- Zero host impact
Signed Receipt Auditing
Every installation is recorded with cryptographic signatures for compliance and review.
- Detailed audit trail
- Signature verification
- Compliance ready
Flexible Workflows
Works with your existing Python dependency files and tools.
- requirements.txt
- uv.lock & pyproject.toml
- Direct package names
Two Speed Modes
Choose between fast checks for daily use or deep scans for critical packages.
- Fast mode: quick CVE checks
- Deep mode: full sandbox
- Flexible per-install
Local Cache UI
Inspect receipts and cached scan data in a browser without sending that data anywhere else.
- Local-only on 127.0.0.1
- Read-only cache views
- Custom port support
Practical Platform Support
The core install and scan workflow is designed to work across macOS, Linux, and Windows, with platform-specific routing shims where needed.
- UI is platform-friendly
- Routing uses shell or batch shims
- Deep mode depends on Docker + Trivy
Operating Modes
Choose the right balance of speed and security for your workflow
⚡ Fast Mode
Perfect for your daily development workflow. Resolves dependencies and queries vulnerability databases without the overhead of containerization.
Checks provenance, CVEs, and package versions in seconds.
🔒 Deep Mode
For critical packages and production deployments. Runs the same fast checks, then installs inside Docker and scans with Trivy before touching your system.
Maximum security with full isolation and behavioral analysis.
Common Commands
Easy-to-use CLI for all your packaging needs
Installation & Scanning
install requests
install langchain requests --deep
scan -r requirements.txt
scan --pyproject pyproject.toml --deep
Receipts & Local UI
receipts list
receipts verify receipt.json
receipts delete
ui
ui --port 8765
ui --no-open
Platform Notes
Core path: macOS, Linux, Windows
UI: local-only at 127.0.0.1
Routing: shell shim or pip.bat
Deep mode: Docker + Trivy required
Ready to secure your Python packages?
Join developers who are taking control of their supply chain security. Get started with depshieldx today.